PRIVACY NOTICE related to personal data collected by B&S ASESORIA DE NEGOCIOS S DE R.L. DE C.V. (hereinafter referred to as “B&S”). 1.- General. 1.1.- B&S IS A COMPANY COMMITTED TO AND RESPECTFUL OF THE RIGHTS OVER THE PERSONAL DATA OF NATURAL PERSONS, RECOGNIZED IN ARTICLE 16, SECTION II OF THE POLITICAL CONSTITUTION OF THE UNITED MEXICAN STATES, AS WELL AS THE PROVISIONS OF THE FEDERAL LAW ON THE PROTECTION OF PERSONAL DATA HELD BY PRIVATE PARTIES. FOR THIS REASON, IT MAKES THIS PRIVACY NOTICE AVAILABLE SO THAT THE HOLDER OF THE PERSONAL DATA IS ABLE TO EXERCISE THEIR RIGHT TO INFORMATIONAL SELF-DETERMINATION. 1.2.- BY ENTERING AND USING THIS INTERNET PORTAL, WHOSE DOMAIN NAME IS: www.bsasesoria.com and www.bstaxes.com, HEREINAFTER JOINTLY REFERRED TO AS “THE SITES”, PROPERTY OF B&S, YOU (THE HOLDER) DECLARE THAT YOU ARE ACCEPTING THE TERMS AND CONDITIONS CONTAINED IN THIS NOTICE AND YOU EXPRESSLY DECLARE AND GRANT YOUR ACCEPTANCE AND CONSENT BY USING ELECTRONIC MEANS FOR SUCH PURPOSE, IN TERMS OF THE PROVISIONS OF ARTICLE 1803 OF THE FEDERAL CIVIL CODE. 1.3.- IF THE HOLDER DOES NOT ABSOLUTELY AND COMPLETELY ACCEPT THE TERMS AND CONDITIONS OF THIS NOTICE, THEY MUST REFRAIN FROM SHARING ANY TYPE OF INFORMATION WITH B&S BY ANY MEANS, INCLUDING THE SITE: www.bsasesoria.com and www.bstaxes.com. 1.4.- IN THE EVENT THAT THE HOLDER CONTINUES TO USE www.bsasesoria.com and www.bstaxes.com, WHETHER IN WHOLE OR IN PART, SUCH ACTION SHALL BE CONSIDERED AS THEIR ABSOLUTE AND EXPRESS ACCEPTANCE OF THE TERMS AND CONDITIONS SET FORTH HEREIN. 1.5.- THE MERE USE OF THE WEBSITE GRANTS THE PUBLIC USER (HEREINAFTER REFERRED TO AS THE “HOLDER” OR THE “HOLDERS”) THE STATUS OF HOLDER AND IMPLIES THE FULL AND UNCONDITIONAL ACCEPTANCE OF EACH AND EVERY ONE OF THE GENERAL AND SPECIFIC CONDITIONS INCLUDED IN THIS PRIVACY NOTICE IN THE VERSION PUBLISHED BY B&S AT THE VERY MOMENT THE HOLDER ACCESSES THE PAGE. 
THE PARTIES AGREE THAT, AS THERE IS NO ERROR, FRAUD, BAD FAITH OR ANY OTHER DEFECT OF WILL THAT COULD NULLIFY THE VALIDITY OF THIS INSTRUMENT, THEY BOTH AGREE TO BE SUBJECT TO THE PROVISIONS OF THE FOLLOWING: 2.- Definitions. 2.1.- Holder. – The natural person (HOLDER) to whom the personal data identifies or corresponds. 2.2.- Sensitive personal data. – Those personal data that affect the most intimate sphere of their holder, or whose improper use may give rise to discrimination or entail a serious risk for them. 2.3.- Responsible party. – A natural or legal person (B&S) of a private nature who decides on the processing of personal data. 2.4.- Processor. – The natural or legal person who alone or jointly with others processes personal data on behalf of the responsible party. 2.5.- Processing. – The obtaining, use (which includes access, handling, exploitation, transfer or disposal of personal data), disclosure or storage of personal data by any means. 2.5.1 Transfer. – Any communication of data made to a person other than the responsible party or the processor. 2.6.- ARCO Rights. – Rights of Access, Rectification, Cancellation and Opposition. 2.7.- Tacit Consent. – It shall be understood that the holder has consented to the processing of their data when, having been made available to them the Privacy Notice, they do not express their opposition. 2.8.- Primary Purposes. – Those purposes for which the personal data are mainly requested and which give rise to the relationship between B&S and THE HOLDER. 2.9.- Secondary Purposes. – Those purposes that are not essential for the relationship between B&S and THE HOLDER, but whose processing contributes to the fulfillment of B&S’s corporate purpose. 3.- Identity and address of the responsible party. 
The parties responsible for obtaining the personal data are B&S ASESORIA DE NEGOCIOS S DE R.L. DE C.V., who undertake to respect the provisions of this Privacy Notice (hereinafter the “Notice”), which is made available in compliance with the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties (hereinafter the “Law”) and is applicable with respect to the personal data of natural persons that B&S obtains as a result of the activities it carries out with prospective clients, suppliers, prospective suppliers and/or business partners, visitors to the facilities, and users of THE SITES. The address that B&S establishes for the purposes of this notice is located at: Av. Ejército Nacional 843-B, Antara I, 5th floor, Granada, Miguel Hidalgo, CDMX, C.P. 11520. 4.- Data that is collected. THE HOLDER acknowledges and accepts that B&S will directly obtain the following personal data, depending on the relationship with each HOLDER: General. Full name, short name, date and/or place of birth, age, gender, nationality, migratory status, image and voice, fingerprint, marital status, signature, photograph, civil marriage regime, home address or delivery address, tax address, landline and/or mobile phone, email, Skype user, social security number, fax, CURP (Unique Population Registry Code), driver’s license number, education level, client or supplier ID assigned. Job position, salary, department, contact details in case of emergency, time and date of entry and exit to B&S facilities. For parents, spouse and children (name, age, address and occupation). For economic dependents (name, relationship, age, main activity, school or university). For personal references or contact data (name, address, phone and company where they work). Academic data. 
Last grade of studies, thesis title, institution, generation, grade point average, degree obtained, current studies, schedule and institution, office functions they are proficient in, courses or seminars, institution and date of such courses, knowledge of languages and computer and office equipment, and availability to travel. Personal interests, civil associations, social or sports activities in which they participate and how often. Professional experience. Companies, business lines, phone numbers, periods, last salaries, names and positions of last immediate supervisors. Supplier-assigned number, Afore (retirement fund) registration, area to which they belong, birth certificate, copy of official identification, proof of address and copy of last proof of studies. Additionally, the following documents may be requested in copy: Official Identification: CURP, updated CV, birth certificate, proof of studies or professional license, recent proof of address, photocopy of their last 3 (three) account statements, three letters of recommendation (with contact data), copy of their last tax return and copy of credit bureau report. 4.2. Additionally, B&S may collect the following financial data: Federal Taxpayers Registry, tax regime, monthly income, monthly expenses, real estate properties in their name and whether they own or rent the property where they live, type of bank account, number, bank and branch, tax regime, number of employees, payment method, business line, advanced electronic signature, lease agreements, employment or services agreements, accounting documentation such as returns and audits, statement cover, total income, type of housing, property value, commercial and banking references and credit limits with such references, predominant activity, and bank card data. 4.3. 
THE HOLDER hereby expressly gives their consent under the terms of Article 9 of the LFPDPPP (Federal Law on the Protection of Personal Data Held by Private Parties), so that B&S may process their personal, and financial and/or property data contained in this clause, in order to comply with the purposes established in this Privacy Notice. 4.4. B&S states that it may obtain THE HOLDER’s personal data through so-called publicly accessible sources, in order to validate, update and contact THE HOLDER, always respecting the reasonable expectation of privacy referred to in Article 7 of the LFPDPPP. 4.5. B&S will use IP (Internet Protocol) information to analyze any type of threat to THE SITES, as well as to gather demographic information. However, IP information will in no case be used to identify HOLDERS, except when there is a likelihood of fraudulent activity. 5.- Use of “Cookies” and “web beacons”. 5.1.- B&S recognizes that THE SITES may use “cookies” in connection with certain features or functions. Cookies are specific types of information that a website transmits to the HOLDER’s computer hard drive in order to keep records. Cookies can serve to facilitate the use of a website by saving passwords and preferences while the HOLDER browses the internet. 5.2.- THE SITES do not use or store cookies to obtain personally identifiable data from the HOLDER’s computer that have not been originally sent as part of the cookie. 5.3.- “Web beacons” are images embedded in an internet page or email that can be used to monitor a visitor’s behavior, such as storing information about the user’s IP address, the length of time interacting on such page and the type of browser used, among others. 5.4.- Although most browsers automatically accept “cookies” and “web beacons”, THE HOLDER may configure their browser so that it does not accept them. 
5.5.- To disable “cookies”, the following instructions must be followed: 5.5.1.- On a PC: open the internet browser, go to the “Tools” menu, enter “Internet Options”, select the “Privacy” tab, move the settings slider to “Block all cookies”. 5.5.2.- On a Mac: open the internet application, go to “Preferences”, select the “Security” option, choose “Never” in the “Accept Cookies” option. 6.- Purposes of the processing of personal data. 6.1 B&S accepts and recognizes that it may process THE HOLDER’s personal data, directly or through processors, in accordance with the type of relationship it has with them, for the following primary purposes: a) HOLDER – Visitor: 1. To identify visitors in B&S facilities. 2. To carry out, directly or through the Processor, the registration of entries and exits of visitors, computer equipment and goods to B&S facilities. 3. Audio and/or video recording of visitors to the facilities, which are kept for up to six (6) months. 4. To store in a database the registration data for entries and exits to B&S facilities for a period of up to five (5) years from the date of registration. b) HOLDER – Clients and/or Prospective clients: 5. To contact them by telephone or email, to attend and follow up on requests for services. 6. To register and annually update their data in internal software for access to personal data by authorized persons. 7. To create and store a physical file of the HOLDER-Client for the duration of the business relationship and for up to ten (10) years after its termination. 8. To prepare electronic invoices and credit notes derived from the services marketed by B&S. 9. To carry out transactions with credit institutions, arising from business operations. 10. To carry out the necessary procedures to grant lines of credit, such as requesting references in the Credit Bureau, verifying banking and commercial references. 11. 
To request the sending of “Charge Authorization Letters” and a valid official identification for payment with credit cards, and to contact them by phone to verify the bank details for the charge. 12. To carry out workshops or training courses requested. 13. To use cloud services to make B&S internal processes more efficient. Additionally, for: c) HOLDER – Supplier and/or Prospective Supplier: 14. To register the Supplier profile in the internal software for internal access to personal data by authorized persons. 15. To contact them by phone or email to follow up on requests for services and/or products required by B&S. 16. To carry out bank transfers and verify data in connection with product or service requisitions made by B&S. 17. To clarify payments. 18. To generate a record and control in the “Suppliers” database of B&S, which will be kept and updated for ten (10) years. 19. To keep a physical and/or electronic file of the Supplier during the business relationship and for ten (10) years after its termination for any reason. 20. To prepare and send payment schedules according to commercial conditions agreed with B&S. 21. To use cloud services to make B&S internal processes more efficient. d) HOLDER – User: 22. To contact the HOLDER-User by email to attend and follow up on their comments or requests in the “Contact” section of THE SITES. 23. To locate B&S offices closest to the HOLDER-User. 24. Sending of mail marketing. 25. To store personal data in internal systems for the duration of the relationship with B&S and for five (5) years thereafter. 6.2. B&S may process the HOLDER’s personal data for the following secondary purposes: 26. In the case of HOLDER-Client, to evaluate the quality of the services offered by B&S, as well as the quality of attention to their comments or requests. 27. To send them communications or newsletters for advertising or marketing purposes regarding products or services offered by B&S. 28. 
To conduct internal studies on consumer habits, and behavior measurement in stores or franchises. 29. To provide additional communications, information and promotions, such as newsletters and invitations to events or greetings. 30. To inform by email about changes or new products related to the service requested by the HOLDER. 31. To contact the HOLDER-User in order to inform them about website updates, informative messages and service communications, including important security updates. 32. To generate internal reports on the use of THE SITES. 33. In the case of HOLDER-Clients and Suppliers, to generate a record in B&S databases that will be kept for ten (10) years. 34. Mass mail marketing campaigns. 35. Telephone or email surveys about customer interests and expectations regarding products or services. 36. To attend and follow up on requests or comments on B&S profiles within social networks. 6.3.- If the holder does not want their personal data to be used for all or some of the Secondary Purposes established in section 6.2., they must send a request to delete their data, specifying the purposes for which they do not want their personal data to be processed, to the following email address: privacidad@bsasesoria.com. 6.4.- Likewise, B&S informs the HOLDER that, except for the exceptions described in points 6.1 and 6.2 of this Notice, all personal data stored in physical media will be kept for five (5) years once their purpose has been fulfilled, after which they will be destroyed. For data contained in electronic media for which no storage period has been established, the retention period shall be up to ten (10) years after the purpose for which they were collected has been fulfilled. 7.- Limitations for access to and disclosure of personal data. 
B&S undertakes to make its best effort to protect the security of the personal data that THE HOLDER provides, by entering into legal acts and using technologies that control access, use or disclosure of information without authorization; for that purpose, personal information is stored in databases with limited access located in controlled facilities with security mechanisms. B&S undertakes to treat the information provided by THE HOLDER as confidential and to use it under full privacy. In this regard, B&S undertakes to take the necessary measures to ensure that the Processors it uses comply with this Privacy Notice. 8.- Person responsible for handling requests. In the event that THE HOLDER needs to revoke their consent, as well as Access, Rectify, Cancel or Oppose the processing of personal data they have provided, they must do so through the person designated by B&S, whose details are described below: Responsible: Salvador Zamora Ornelas Email: privacidad@bsasesoria.com 9.- Means to revoke consent. THE HOLDER of the personal data may revoke the consent granted with the acceptance of this notice. Such revocation of consent granted by electronic means must be carried out observing the following procedure: 9.1.- Send an email addressed to the Responsible, designated in point 8 of this Notice, who will handle such requests. 9.2.- Send a request or data message to the email address indicated above, stating: 9.2.1.- The HOLDER’s full name, address and email address to receive the response generated in connection with their request; 9.2.2.- The reason for their request; 9.2.3.- The arguments supporting their request or petition; 9.2.4.- An official document proving their identity and that shows they are who they claim to be; 9.2.5.- The date from which the revocation of their consent becomes effective. 
9.3.- B&S will notify THE HOLDER, within a maximum period of twenty (20) days from the date the request for the exercise of ARCO rights was received, of the decision adopted, so that, if appropriate, it may become effective within fifteen (15) days following the date on which the response is communicated, by means of a message stating that all actions aimed at ceasing the processing of THE HOLDER’s personal data have been carried out. 10.- Means to exercise ARCO rights. In the event that THE HOLDER needs to Access, Rectify, Cancel or Oppose the personal data provided to B&S, they must follow the following procedure: Send an email addressed to the Responsible, designated in point 8 of this Notice, who will handle such requests, stating the following: 10.2.1.- The HOLDER’s full name, address and email address to receive the response generated in connection with their request; 10.2.2.- The reason for their request; 10.2.3.- The arguments supporting their request or petition; 10.2.4.- An official document proving their identity and that shows they are who they claim to be; 10.2.5.- A clear and precise description of the personal data with respect to which they seek to exercise any of the ARCO rights, and any other element or document that facilitates the location of the personal data. 10.2.6.- In the case of requests for rectification of personal data, THE HOLDER must indicate, in addition to what is stated above, the modifications to be made and provide the documentation supporting their request. 10.3.- B&S will notify THE HOLDER, within a maximum period of twenty (20) days from the date on which the request for access, rectification, cancellation or opposition was received, of the decision adopted, so that, if appropriate, it may become effective within fifteen (15) days following the date on which the response is communicated. 
In the case of requests for access to personal data, delivery will proceed upon prior proof of the identity of the applicant or their legal representative, as appropriate. 11.- Transfer of personal data. B&S may at any time transfer THE HOLDER’s personal data to third parties or authorities that request it in order to provide the services it offers to the public, in all cases to comply with this Notice. Likewise, B&S undertakes not to transfer your personal information to third parties for purposes other than those established in this Notice. THE HOLDER accepts and acknowledges that if they do not express their opposition to the transfer of their data, it will be understood that they have given their consent for this purpose. Notwithstanding the foregoing, in the event that security breaches occur at any stage of the processing that significantly affect the patrimonial or moral rights of the HOLDERS, they will be informed by email immediately, so that they can take the corresponding measures to defend their rights, releasing B&S from any liability if the breach is not attributable to it. 12.- Modifications. The parties agree that this Privacy Notice may be modified in the time and manner that B&S determines, taking into account studies and regulations on personal data protection that may arise, and therefore undertakes to keep it updated for consultation on THE SITES, as well as to notify it by email, so that, where appropriate, THE HOLDER is able to exercise their ARCO rights. 13.- Applicable law and jurisdiction. The parties declare that this notice shall be governed by the applicable legal provisions in the United Mexican States, especially by the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties and its Regulations. 
In the event of a dispute or controversy arising from the interpretation, performance or compliance of this Notice or any of the documents deriving from it or related to it, the parties will amicably seek to reach an agreement within a period of thirty (30) calendar days from the date on which any difference arises and written notice of such event is given to the other party, initiating a mediation process before the Center for Alternative Justice of Mexico City, to be conducted under the Alternative Justice Law of the Superior Court of Justice of Mexico City and its Internal Regulations in force at the time the dispute arises. If the parties do not reach an agreement, they hereby agree to submit any disagreements arising from this NOTICE or any of the documents deriving from it or related to it to the jurisdiction and laws of the Federal Administrative Authorities or Courts of Mexico City, expressly waiving any other jurisdiction that might correspond to them by reason of their present or future domiciles.