Notice of Privacy

1. Identity and address of the Responsible.

In accordance with article 15 of the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP by its acronym in Spanish or FLPPDHPP), VMGDL S. DE RL DE CV (hereinafter “ VMGDL ”), with address at: Calle Doctores 334 – 4, Col Lomas del Seminario, CP 45038, in Zapopan, Jalisco, informs you of this Comprehensive Privacy Notice.

2. Personal data and Sensitive Data subject to treatment.

VMGDL, as part of its business activities, requires the collection and processing of personal data obtained directly from the owner, indirectly, through physical, electronic or face-to-face means, as well as from authorized public sources, in order to comply with the primary and necessary purposes indicated in this Comprehensive Privacy Notice.

The Personal Data that will be treated according to the type of owner are:

-For Clients and / or Suppliers (Natural Persons), identification data, addresses, tax data, contact data, as well as personal, credit, commercial, financial and patrimonial data. In the case of clients and / or suppliers, sensitive personal data is not processed.

-For Candidates, Employees and / or Professional Services, Identification data, address, contact data, academic data, courses, diplomas, certifications, Languages, skills, knowledge, areas of experience and Interest, extra-academic data, reference data work, personal and family, patrimonial and financial data, as well as the following Sensitive Personal data: personal health data and union membership.

-For Contractors (Natural Persons), identification data, contact data, employment data, data that verify the validity of rights in matters of social security or insurance of major medical expenses. In the case of contractors, no sensitive personal data is collected.

-For Visitors to Internet portals, identification data and contact information. In the case of users who visit internet portals, no sensitive personal data is collected.

-For visitors to the facilities, identification data, contact details, if applicable, the company they represent and the reason for the visit. In the case of visitors, sensitive personal data is not processed.

In all cases, the sensitive personal, patrimonial and financial data are intended for VMGDL to comply with the obligations derived from the  legal relationship established with the Holder.

It is our commitment that they will be treated under strict security measures, always guaranteeing their confidentiality.

In the event of providing any type of personal data related to another person as a reference, for the purposes of this privacy notice, you declare and accept that you have obtained the corresponding prior consent of said person to do so.

Consent will not be necessary for the processing of Personal Data  when:

  • It is foreseen in a Law
  • The data appear in publicly accessible sources
  • Personal Data are subject to a prior dissociation procedure 
  • Has the purpose of fulfilling obligations derived from a legal relationship between the Owner of the Personal Data and VMGDL
  • There is an emergency situation that could potentially harm an individual in his property or person; or 
  • A competent authority resolution is issued

3. Purposes of the treatment.

The primary purposes for which VMGDL can request, obtain, store and / or use Personal Data by type of Holder are:

a) In relation to Clients and Suppliers to verify and check their identity, prepare proposals and quotes, for their commercial contracting, to carry out all the activities that are necessary for the legal relationship, to send them information on matters related to the commercial relationship, to contract services necessary to deliver the counter benefits and in kind agreed and established in the contracts, for statistical purposes and preparation of periodic reports, to keep our databases updated, to carry out all the procedures before the corresponding authorities, to count with updated files, for managing payments and collection of contracted services, for evaluating the quality and satisfaction of products and services.

b) In relation to Candidates and Employees to verify and check their identity, for the evaluation and internal control of knowledge and skills, for their employment hiring, for the administration of human resources and talent management, to contract services necessary to deliver the economic and in-kind compensation agreed and established in the contracts, to carry out all the activities that are necessary for the legal relationship, to communicate to their contacts any situation that warrants it. To keep our databases updated, to carry out all the procedures before the corresponding authorities, to have filesUp-to-date, to keep track of occupational health programs, to prepare documents, contracts, agreements, invoices, receipts, acknowledgments and, in general, any document related to the employment relationship .

c) In relation to Contractors for the monitoring and control of their visit, as well as to allow access to the facilities.

d) In relation to Visitors to Internet portals to attend any request for information or service through the contact options available on our electronic pages on the Internet.

e) In relation to Visitors to our facilities to monitor and control their visit, as well as to allow access to the facilities.

4.Transfer of personal data.

The Owner understands and accepts that VMGDL is authorized to transfer the Data to third parties, respecting at all times the purposes set forth in this Privacy Notice. VMGDL as part of the processing of personal data, does not transfer Sensitive Personal Data, Patrimonial or Financial. If required, it will not be carried out without the prior express written consent of the Owner.

Based on articles 36 and 37 of the Federal Law on Protection of Personal Data Held by Private Parties, Personal Data may be lawfully transferred for the purposes established in this Privacy Notice to:

i) Subsidiaries, affiliates, affiliates, controllers, and / or controlled companies of VMGDL within the national territory or abroad,

ii) When the transfer is necessary to provide the products and services or to comply with the contracted labor or commercial relationships. The Owner accepts that by providing their Personal Data, they will be subject to the transfers mentioned in this Privacy Notice.

5. Means and procedure to exercise ARCO rights.

To exercise your ARCO rights (access, rectification, cancellation and opposition), as well as to limit its use or disclosure or request the revocation of consent, you should contact to VMGDL by writing at Attention to Personal Data, Calle Doctores 334 – 4, Col Lomas del seminario, CP 45038, in Zapopan, Jalisco, Monday through Friday from 9:00 a.m. to 2:00 p.m. and from 4:00 p.m. to 6:00 p.m., on business days, as appropriate.

In order to process any request for access, rectification, cancellation, opposition, as well as to limit the use / disclosure or to request the revocation of consent, it must be received at the aforementioned address, as well as contain and accompany the following:

a) The name of the Holder, address and / or any other means to communicate the response to your request;

b) The documents that prove the identity or, where appropriate, the legal representation of the Holder;

 c) The clear and precise description of the Personal Data with respect to which one seeks to exercise any of the aforementioned rights;

d) Any other element or document that facilitates the location of the Holder’s Data, as well as his RFC and / or CURP code to avoid any homonymy.

e) Specify clearly if the request is for access, rectification, cancellation, opposition; limit use / disclosure or revocation of consent.

f) the reason for the request and

g) The modifications to be made, in case the request is for the rectification of Personal Data and provide the documentation that supports your request.

In the event that the information provided in the ARCO Request is insufficient or erroneous to attend to it, or failing that, the necessary documents are not attached to process it, VMGDL will require the owner of the data or their representative, within 5 business days following receipt of the ARCO Request, for a single time, to provide the elements or documents necessary to process it. The owner of the data or his representative will have 10 business days from the day after receipt of the request, to respond.

VMGDL will respond to the ARCO Request with the determination reached, within 20 business days from receipt of the request, or if additional information or documents have been requested, within 20 business days from the day following the presentation of the response to the request.

If the ARCO Request is appropriate, VMGDL will make the determination made effective within a period of 15 business days from the date the response is communicated to the owner of the data or their representative. In the case of ARCO Requests on the right of access to personal data, the delivery of the same will be made after accreditation of the identity of the owner of the data or their representative. VMGDL may extend the deadlines to respond to an ARCO Request, and / or to make the determination made effective, only once, for periods equal to those indicated in each case, provided that it considers that the circumstances of the case justify it.

In such cases, VMGDL will notify the owner of the data or his representative, the circumstance (s) that justify the extension, within each of the original deadlines to respond or make effective the determination reached. The responses to the ARCO Requests will be delivered to the owner of the data or to their legal representative in simple copies or in an electronic file according to the type and quantity of documents in each case.

For the revocation of consent, it will be enough for the owner to present his request at the VMGDL address .

VMGDL will make this request effective, as long as it is not a personal data necessary for the existence, maintenance and fulfillment of its legal relationship with the owner of the data. VMGDL may deny access, rectification, cancellation or opposition to the processing of data, in the following cases:

  • When the applicant is not the owner of the personal data, or the legal representative is not duly accredited for it;
  • When the applicant’s personal data is not found in its database
  • When the rights of a third party are injured
  • When there is a legal impediment, or the resolution of a competent authority that restricts access to personal data or that does not allow their rectification, cancellation or opposition.
  • When the rectification, cancellation or opposition has been previously made.

6. Mechanisms and procedures so that the owner can revoke his consent.

VMGDL will be empowered to give the treatment it deems appropriate to Personal Data, as long as it is carried out in accordance with the purposes indicated in subsection (a) of Section 3, of this Privacy Notice. For the treatment of the purposes indicated in subsection (b) of the aforementioned Section, VMGDL may carry out said treatment until it receives the refusal from the Holder. In order for the Holder to express his refusal in this regard, he must contact the VMGDL through the procedure established for the exercise of ARCO Rights indicated in Section 5 of this Privacy Notice.

7. Options to Limit Use or Disclosure.

To comply with the purposes of this Privacy Notice, as well as to be able to process Personal Data, VMGDL may deliver all or part of the Data to third parties who may be natural or legal persons, national or foreign, affiliated companies or subsidiaries, including suppliers of goods or services, that require to know this information, including providers of information storage servers, who will be obliged, by contract, to maintain the confidentiality of Personal Data and in accordance with the provisions of this Privacy Notice . Third party recipients may be industrial, commercial and / or VMGDL companies undertakes to have sufficient and necessary legal and security measures to guarantee that your Personal Data remains confidential and secure. In order for the Holder to be able to make a request to limit the use or disclosure, he must contact the VMGDL through the procedure established for the exercise of ARCO Rights indicated in Section V of this Privacy Notice.

8. Communication for the use of Cookies, Web Beacons or similar.

In the event that the Owner provides their Data through electronic means (portal), the Owner understands, accepts and acknowledges that:

a) You can include links to third-party websites, which, if accessed, VMGDL does not assume any responsibility in relation to those third parties.
b) You can include links to sites that manage social networks, in which case the Owner accepts that, by providing any type of information or Data on said sites, it will cause it to be read, viewed, accessed, retransmitted and processed by anyone. , and therefore releases VMGDL from any liability .

Cookies: These are data files that are stored on the hard drive of the computer equipment or electronic communications device of a user when browsing a specific Internet site, which allows the exchange of status information between said site and the user’s browser. . The status information can reveal means of session identification, authentication or user preferences, as well as any other data stored by the browser regarding the Internet site.

Web beacons: They are a visible or hidden image inserted within a website or email, which is used to monitor user behavior on these media. Through these you can obtain information such as the source IP address, browser used, operating system, time the page was accessed, and in the case of email, the association of the above data with the recipient.

VMGDL may use cookies or web beacons to facilitate navigation and to obtain greater efficiency by facilitating the personalization of the services offered to visitors on its portal. The cookies or web beacons used do not provide references that allow the visitor’s name and surname to be deduced and they cannot read data from their hard drive or include viruses in their texts.

Nor is it possible to read the cookies implanted on the visitor’s hard drive from other servers. The visitor can configure their browser to accept or reject all cookies or web beacons by default or to receive a warning on the screen of the receipt of each cookie or web beacons and decide at that time whether or not to implement it on their hard drive.

9. Changes to the Privacy Notice.

This Privacy Notice may undergo modifications, changes or updates derived from new legal requirements; of our own needs for the products or services we offer; of our privacy practices; Changes in our business model, or other causes. It is our commitment to keep you informed about the changes that this Comprehensive Privacy Notice may undergo, through our website at www.vmgdl.com

Update date April 2021