Privacy Notice

Abucombal S.A. de C.V., with address at Avenida Guty Cardenas 310, San Nicolás, León, Guanajuato, ZIP Code 37480, in compliance with the Federal Law on the Protection of Personal Data Held by Private Parties, is responsible for the processing and use of your personal data.
Through this Privacy Notice, we inform you of the terms and conditions applicable to the processing of personal data collected from our clients, suppliers, and/or any related individual.

Personal Data We Collect

As the party responsible for processing your personal data, we may collect various personal information from you, as the data subject, depending on the nature of the relationship you establish with us, whether as a client or supplier. The following are the categories of personal data we may collect, including data provided directly by you:
• Identification data: full name, marital status, nationality, Federal Taxpayer Registry number (RFC), Unique Population Registry Code (CURP), date and place of birth, as well as copies of official photo identification documents, such as voter ID card (INE), passport, professional license or identification document, and handwritten signature.
• Contact data: personal and tax address, work address, landline or mobile phone number, contact email address, and other similar means of contact.
• Employment data: occupation, position or role held, area or department, name of the company or institution where you work, length of employment, employment references, and address and contact information of your workplace. These data mainly apply when you act on behalf of a legal entity, when it is necessary to evaluate your creditworthiness, or in the case of individuals who work or intend to work with us.
• Asset and/or financial data: bank account information, such as bank name, account number, interbank CLABE, and card number; name of the bank account holder; payment history; information regarding income, assets, or property; records from the Credit Bureau or other Credit Information Companies; financial statements or bank account statements; and, in general, data necessary to make payments, reimbursements, or credit analyses. Some of these data will be requested when applicable for making payments to suppliers, processing reimbursements to clients, or evaluating the granting of credit to clients.
• Legal and administrative documentation: copies of official documents that may be required for the commercial relationship, such as articles of incorporation and subsequent amendments, in the case of legal entities; power of attorney of the legal representative; recent proof of address; certified bank statements; tax identification certificate (RFC) of the individual or legal entity; and other documents that support the information provided. These documents may contain personal data of both you and related third parties, for example, attorneys-in-fact or legal representatives.
• Image and sound data: images of you captured through video surveillance systems at our facilities when entering, remaining in, or leaving them, and/or photographs taken for security or access control purposes; voice recordings, for example, when you communicate with us by telephone, your calls may be monitored or recorded for quality and evidentiary purposes; and video recordings or other reproductions obtained through electronic, optical, or sound media during events, meetings, or videoconferences related to our operations.
• Sensitive personal data: only in the case of individuals who are our employees or job candidates, and exclusively to the extent necessary to know their medical condition in order to evaluate their fitness for the position and safeguard their safety and that of their work environment, we may collect data relating to their health status, limited to medical-labor fitness and contraindications or medical conditions relevant to the safe performance of the duties of the position. The collection and processing of these data require your express written consent.
In all cases, we will ensure that your personal data is treated confidentially and with appropriate security measures to prevent unauthorized access, damage, loss, alteration, or disclosure.

Purposes of the Processing of Your Data

The personal data we collect from you will be used for the following primary purposes, which are necessary for the existence, maintenance, and fulfillment of the relationship between you and us, as applicable:
• Providing products or services: processing your requests and carrying out the activities necessary to offer you the products or services you request or contract with us. This includes managing the sale, quotation, order, reservation, delivery, shipment, or supply of the corresponding goods and services, in accordance with the terms and conditions of our contracts or agreements.
• Identity and file verification: confirming and validating your identity, the authenticity of your official documents, and, where applicable, your legal representation capacity. Creating and updating your physical or electronic file as a client, supplier, or employee in our internal systems.
• Management of the contractual relationship: administering and following up on the commercial relationship we have with you. This includes the preparation, formalization, and filing of contracts, agreements, purchase orders, invoices, and other related documentation, as well as compliance with the mutually assumed obligations by both parties.
• Invoicing and payments: processing invoices, charges, collections, and corresponding payments. In the case of clients, issuing tax invoices and recording payments for the products or services acquired; in the case of suppliers, scheduling and making payments for the goods or services provided to us, including, when required, making electronic transfers to the bank accounts you have provided. Likewise, managing returns or reimbursements that may apply in favor of clients, in accordance with applicable policies.
• Credit evaluation and payment terms: where applicable, analyzing and evaluating your financial and credit situation to determine your eligibility for financing plans, credit sales, granting of credit, payment terms, or other deferred payment arrangements for our products or services. This may involve reviewing the information you provide, consulting your history with credit information companies, such as the Credit Bureau, and verifying commercial or banking references, in order to make informed decisions on credit approval and establish payment limits or conditions.

Express authorization from the client for consultation of credit history.

I accept that my credit history may be consulted before any credit information company.
Name and consent signature: ___________________________________ __________________.

• Communication and customer service: staying in contact with you to inform you about the status of the requested products or services, such as order confirmations, changes, or delivery delays; notifying you about new invoices or payments; or addressing your questions, complaints, clarifications, or suggestions related to our products or services. We will also use your contact data to coordinate appointments, technical visits, after-sales support, or any communication necessary to provide appropriate service.
• Compliance with legal obligations: complying with obligations established under applicable regulations and requirements from competent authorities. This includes, among others, tax obligations, such as the generation of digital tax receipts, reports to tax authorities, customs procedures where applicable; obligations related to consumer protection, fraud prevention, anti-money laundering prevention, such as verifications under anti-money laundering regulations or “AML,” know-your-client or “KYC” requirements, or other legal and regulatory mandates to which our company is subject in the course of its operations. In this regard, we may retain your data for the periods required by law and, if required, share information with government authorities that legally request it.
• Internal administrative management: maintaining efficient internal administrative control, which includes updating our client and supplier databases, generating statistical and historical reports for internal purposes, such as purchase/sales volumes or business analyses, as well as carrying out internal or external audits to verify compliance with our policies and obligations.
• Collection and exercise of rights: in the event of delay or breach of payment obligations by clients, using your contact and reference data to manage administrative or extrajudicial collection efforts, which may include payment reminders, debt restructuring, or, if necessary, transferring the case to collection agencies or external attorneys for debt recovery. Likewise, where applicable, using your data to exercise the legal actions necessary for the defense of our company’s rights and interests, which may include lawsuits, arbitration proceedings, or other dispute resolution mechanisms arising from the contractual relationship.
• Physical and electronic security: protecting the safety of persons, property, and our facilities. For this purpose, we may use video surveillance systems in our offices, stores, plants, or points of sale or service, as well as visitor entry and exit logs, in order to prevent or detect unlawful acts, risk situations, or violations of our security policies. Likewise, we may use recordings of telephone conversations or electronic communications for security, service quality, staff training, or as evidence of transactions and commitments assumed.
The personal data collected may be transferred only in the cases permitted by applicable law. In particular, it is noted that consent from the Data Subject is not required for transfers made to health, administrative, or judicial authorities when necessary to comply with legal requirements or for our legal defense.
Outside of such cases, any transfer for marketing purposes shall be limited exclusively to the Data Subject’s contact data, namely name, email address, and telephone number, and shall only be carried out if the Data Subject has not expressly objected.
Additionally, except for sensitive personal data, we may process your personal data for other secondary or ancillary purposes, which are not essential to the main legal relationship but help us provide better service or improve our products and services. Such secondary purposes, for which we will require your consent, are as follows:
• Marketing and promotions: sending you communications with promotional, advertising, or marketing information about our products, services, discounts, packages, special offers, or loyalty programs, whether by email, text messages, telephone calls, instant messaging applications, or social media. This includes sending newsletters, catalogs, invitations to corporate events, greetings on special dates, or other marketing communications directly related to us.
• Surveys and service improvement: conducting satisfaction surveys to evaluate the quality of our products or services, market research, consumer preference analyses, and surveys that allow us to improve the service provided, customer service, our commercial practices, or the development of new products. In some cases, we may invite you to participate in promotional activities, raffles, or contests as part of these improvement initiatives.
• References and success stories: with your authorization, using your name, contact, or experience as a commercial reference or success story before other potential clients, or publishing testimonials, provided we have your specific consent for such purpose. This purpose will only apply if you grant us express permission, and it will not be carried out in the event of refusal.
I accept that the foregoing may be used as a commercial reference or success story before other clients.
Name and signature: ________________________________ ____________________.
If you do not wish your personal data to be processed for any or all of these secondary purposes, you may deny your consent from this moment or at any later time by expressly communicating it. For this purpose, we provide the mechanism indicated in the ARCO rights section, by sending an email to the person responsible for personal data, or, where applicable, by selecting the option not to receive promotional communications in the corresponding tools or forms. Your refusal to allow the use of your data for secondary purposes will not be a reason for us to deny the products and services you request or contract with us.
Notwithstanding the foregoing, we expressly undertake not to transfer, under any circumstances and for any reason, your Sensitive Personal Data to third parties unrelated to the employment relationship or unrelated to the health center or hospital where you may be treated in the event of a workplace accident or illness. Therefore, any possibility of transferring clinical information, medical contraindication conditions, risk history, or sensitive diagnoses is excluded, particularly for advertising or marketing purposes. This prohibition is absolute and constitutes an institutional commitment to confidentiality, proportionality, and unrestricted respect for the dignity of the data subject.
Sensitive Personal Data Collected and Its Purpose
In compliance with Article 8 of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), the Data Subject is informed that, within the framework of the employer-employee relationship that we have or may have with you, we collect and process Sensitive Personal Data in accordance with the principles of lawfulness, loyalty, consent, quality, and responsibility.
Sensitive personal data is collected only with respect to employees or job candidates and is limited to that which is strictly necessary to know their medical condition insofar as it is relevant to evaluate their fitness for the position and safeguard their safety and that of their work environment, in accordance with the principle of proportionality set forth in Article 12 of the Law. For such purposes, we may collect information regarding your medical-labor fitness, medical contraindications related to the duties of the position, and the results of entry or periodic medical examinations performed for that purpose.
All Sensitive Personal Data referred to herein shall be collected directly from the Data Subject through entry questionnaires and medical assessment notes.
Special acceptance for the processing of personal data considered sensitive
Name and acceptance signature of the employee or future employee:
Methods of Obtaining Personal Data
We collect your personal data in several ways, always lawfully and with your knowledge:
• Directly from you: when you provide it to us through different means. For example, when you visit our offices or physical facilities and fill out forms, enter into contracts, or deliver documentation in person; when you communicate with us by telephone or send us email communications; or when you interact with us through instant messaging, authorized digital communication applications, our website, or digital media. In these cases, the personal data you voluntarily provide will be the data necessary to establish or maintain the commercial or service relationship, for example, when requesting a quotation, placing an order, signing a contract, or requesting support.
• Electronic and digital means: when you visit our official website or use our online services, we may obtain your data through web forms, online registrations, for example, when creating a user account or subscribing to newsletters, cookies, web beacons, and other tracking technologies, in which case you will be informed through the corresponding cookie notices, as well as through interactions on our official social media pages, for example, if you send us a direct message, fill out a contact form on Facebook or LinkedIn, or participate in digital promotions. These electronic tools may collect data such as your username, public profile information, contact data, and any information you decide to share with us through such means.
• Sources permitted by law: we may obtain information about you from publicly available sources or legitimate third parties, provided this is permitted by applicable regulations. This includes searches in telephone directories, public records, such as the Public Registry of Property and Commerce to verify articles of incorporation or powers of attorney, government databases available for public consultation, such as RFC validation on SAT lists, as well as references provided by third parties with whom you have had commercial or credit relationships. For example, if you are a supplier, we may request commercial references from other clients of yours; if you are a client applying for credit, we may obtain banking references that you authorize us to contact. Additionally, to the extent permitted, we may consult information from Credit Information Companies or other financial entities for credit risk evaluation purposes, always with the required authorizations.
• Automatic collection: when entering our physical facilities, video surveillance systems may continuously capture and record your image for security reasons. Such recordings are properly indicated through visible signs and the information is stored temporarily and confidentially. Similarly, in telephone communications, our systems may automatically record the date, time, and duration of calls and, in certain cases, record the audio of such calls, after notice is provided at the beginning of the call. These automatic mechanisms are used for security, quality, and evidentiary purposes and do not seek to obtain information beyond what is necessary for such purposes.
Personal Data Retention Period
Your personal data will be retained only for the time strictly necessary to fulfill the primary purposes described herein and to address the legal obligations and official requirements imposed on us by various regulations, including, without limitation, tax and commercial regulations. In general, we will retain your personal data for a period of five (5) years from the termination of the legal or commercial relationship with you. Specifically, data relating to the breach of contractual obligations will be deleted once seventy-two (72) months have elapsed from the date on which such breach occurs, in accordance with Article 10 of the Law. Once the purpose of processing has been fulfilled and the mandatory retention periods have elapsed, your personal data will be blocked and subsequently deleted from our systems.
Transfer of Personal Data
We understand the importance of protecting your information. Therefore, we will not sell or rent your personal data to unrelated third parties. However, we may communicate or transfer some of your personal data to domestic or foreign third parties in the following cases and for the purposes described below:
• Law firms and legal advisors: we may share your data with external law firms, litigation attorneys, or collection agents with whom we have service agreements, solely for the purpose of representing us in the defense of our rights, managing extrajudicial or judicial collection of outstanding debts, recovering overdue accounts, or handling any legal dispute arising from the relationship with you. These third parties will process your data following our instructions and under a duty of confidentiality, using it only to the extent necessary to carry out the legal or collection activities entrusted to them.
• Accountants, auditors, and financial advisors: your data may be transferred to accounting firms, external auditors, including tax auditors, or other financial consultants engaged by the company, in order to comply with our accounting, auditing, and tax compliance obligations. For example, these professionals may access information contained in invoices, contracts, or payment receipts that include your personal data, to verify the proper accounting record of operations, the filing of tax returns, or the issuance of financial reports. In all cases, such third parties will be required to maintain the confidentiality of the information and use it only for the stated purposes.
• Financial institutions and payment processors: in order to carry out payments, reimbursements, or collections related to the relationship you have with us, we may disclose certain personal data to banks or other credit institutions, electronic payment platforms, payment gateways, or credit/debit card issuing companies. This may include the transfer of information such as your name, amount to be paid or reimbursed, CLABE bank account number, card number, banking institution, and other data strictly necessary to process the corresponding financial transaction, for example, when making an interbank transfer to your account or charging you through an authorized card payment. These receiving entities will process your data exclusively for the purpose of completing the requested financial transaction, under the applicable security measures and standards of the financial sector.
• Courier, parcel, and logistics companies: if it is necessary to send you documents, correspondence, goods, or deliver products to an address you provide, some of your data, such as name, address, and contact telephone number, may be provided to external courier or parcel companies, such as DHL, FedEx, Estafeta, or another logistics provider, so that they may collect, transport, and safely deliver the goods or documents. These providers will receive only the information necessary to provide their service and are prohibited from using it for any other purpose.
• Credit information companies and commercial references: if you request any credit, financing, or deferred payment scheme, we may share certain data about you, for example, name, RFC, and identification data, with credit bureaus or other financial entities in order to obtain your credit history, score, or payment references. Likewise, in some cases, we may provide your data to personal, employment, or commercial references that you have provided, solely to corroborate the information you provided to us, for example, to verify your place of employment or commercial background. These transfers related to credit evaluation will be carried out with your prior consent and in accordance with applicable financial laws.
• Affiliated and subsidiary companies: if Abucombal has affiliates, subsidiaries, or other companies within the same corporate group, whether domestic or foreign, you hereby authorize us to transfer your personal data to them, provided such companies need access to the information for purposes consistent with those described in this Privacy Notice. For example, we may share data with our related companies to centralize administrative operations, comply with global corporate guidelines, prepare consolidated statistical reports, or provide you with an integrated service involving the participation of several entities of our group. In all such cases, these companies will maintain the use of your data within the same purposes provided herein and subject to equivalent confidentiality policies.
• Authorities and third parties by legal mandate: finally, we may transfer your personal data when necessary or legally required by a competent authority, for example, in response to judicial requests, resolutions from administrative authorities, search warrants, summons, or to comply with legal obligations established in specific laws. Likewise, your data may be communicated to third parties when there is an emergency situation that may potentially threaten your life, health, or safety, or that of other persons, in which case such communication would be justified to protect your vital interests or those of the community.
It is important to highlight that, in all the transfer cases mentioned above, we undertake to share only the personal data strictly necessary for the purpose that justifies the transfer and to ensure that the receiving third party is aware of and assumes the confidentiality and personal data protection obligations provided by law and this Privacy Notice. Our company will require such third parties, contractually or legally, to maintain the confidentiality of the information provided and to use it exclusively for the authorized purposes.
It should be noted that the transfers of your personal data described above will, in most cases, not require your consent under Article 36 and related provisions of the LFPDPPP, since they are carried out to fulfill obligations arising from the relationship with you, by legal mandate, or based on other legal exceptions. In cases where the law does require your express consent to make a specific transfer, for example, consultation of your credit bureau history, where applicable, we will request it specifically and separately. Outside the situations described above, we will not share, transmit, transfer, or disclose your personal data to any other third party, unless you directly request or authorize us to do so, or unless any exception provided under data protection legislation applies.
Transfer of Contact Data for Marketing Purposes — Acceptance Clause
We recognize that the transfer of contact data to third parties, such as advertising agencies or consultants, for marketing purposes is not necessary for the provision of the service, as it is not a primary purpose.
Therefore, we state that such transfer of your contact or identification data, excluding Sensitive Data in all cases, will be carried out only if you grant your explicit consent. If you do not grant your consent for this transfer, we guarantee that this will not affect the provision of the products or services you request or contract with us.
I ACCEPT the transfer of my non-sensitive contact data to third parties for marketing and advertising purposes. [ ] Mark with an “X” if you accept.
Special acceptance for Transfer of Contact Data for Marketing Purposes:
ARCO Rights: Access, Rectification, Cancellation, and Objection
You, as the data subject, have the right to exercise at any time your rights of Access, Rectification, Cancellation, and Objection, commonly known as ARCO rights, with respect to the personal data concerning you that is in our possession. Below is a brief explanation of each right:
• Access: this is your right to know what personal data of yours we have in our databases, what we use it for, the origin of such data, if you did not provide it directly, and the general conditions of processing. Through the right of access, you may request that we provide you with a copy or report of your personal data contained in our records.
• Rectification: this is your right to request the correction or updating of your personal data if it is outdated, inaccurate, or incomplete. If you detect that any of the data we have is incorrect or has changed, for example, change of address, surname update, correction of your name, or modification of banking data, you may request that we rectify it to avoid any inconvenience. You must provide the documentation supporting the modification, if necessary, for example, proof showing the correct data.
• Cancellation: this is the right to request the deletion of your data from our databases when you consider that it is not being used in accordance with the applicable principles, duties, and obligations. Upon exercising cancellation, your personal data would enter a blocking period, meaning safeguarding without processing, after which it would be definitively deleted. It is important to mention that data cancellation is not an absolute right; therefore, we may retain certain data in specific cases where the law permits or requires it, for example, to comply with pending contractual obligations, exercise or defend rights in a legal proceeding, or comply with a legal requirement to retain information for a specific period. If any legal exception applies that prevents us from deleting your data, we will inform you.
• Objection: this is the right to object to the processing of your personal data for specific purposes. You may request, for legitimate reasons, that we stop using your data in particular situations, for example, to stop receiving advertising messages, objection to marketing purposes, or to object to your data being processed for certain secondary purposes. If your objection request is valid under the law, we will stop processing the data for the indicated purposes; otherwise, we will inform you with a legal justification.
To exercise any of your ARCO rights, you must submit a request complying with the requirements established by applicable legislation, Article 28 of the LFPDPPP. You may submit it in writing at our address previously stated, addressed to our Personal Data Department, or send it by email to:
hey@abucombal.com.mx
For security reasons and to ensure proper handling, your written request must contain at least the following information and documentation:

1. Full name of the personal data subject and address or other means of contact, for example, email address, to communicate the response to your request.

2. Copy of a valid official identification document, such as INE, passport, professional license, or other photo identification, of the data subject. If the request is made by a legal representative, a copy of the document proving representation, for example, power of attorney, and official identification of the representative must also be attached.

3. Clear and precise description of the personal data regarding which you seek to exercise any ARCO right, as well as the ARCO right you wish to exercise. For example: “I request the rectification of my telephone number, which is currently registered incorrectly,” or “I request the cancellation of my personal data from your client database.” In the case of rectification, you must indicate the correction to be made and provide the documentation supporting your request.

4. Any other element or document that facilitates the location of the personal data subject to the request. This may include, as applicable, the date on which you last interacted with us, the area of the company with which you had contact, your client or supplier number, or any specific reference that helps us quickly locate your data in our systems.

Once your complete request has been received, we will have a maximum period of 20 business days to communicate the determination adopted. If the request is valid, we will implement it within 15 business days following the date on which we inform you of its validity, for example, carrying out rectification, granting access, or cancelling the data, as applicable.
If the information provided in your request is incorrect or insufficient, or if the necessary documents are not attached, we may request, within 5 days following receipt of the request, that you provide the missing elements in order to process it. You will have 10 business days to comply with the request, and in such case, the response period will begin on the day after you correct the request. If you do not respond within such period, your corresponding request will be deemed not submitted.
We will respond to your request through the means of contact you have indicated, for example, email, digital platforms, or certified mail. We will inform you of the resolutions adopted and, if applicable, carry out the necessary actions or deliver simple copies of the requested information. The exercise of ARCO rights is free of charge; however, if you submit repeated requests within a period of less than 12 months, we may charge only the costs of reproduction, copies, or shipping, provided that such costs do not exceed three times the current Unit of Measurement and Update, in accordance with Article 34 of the Law.
At all times, you may revoke the consent you have granted us for the processing of your personal data or limit its use or disclosure, as explained below, which also forms part of your rights as data subject.
Finally, we inform you that, if you believe that we have not responded to your requests to exercise ARCO rights, or if you presume that your right to personal data protection has been violated by any act or omission on our part, you have the right to file the applicable rights protection request or complaint before the competent authority for personal data protection held by private parties, currently the Ministry of Anti-Corruption and Good Government, under the terms provided by law.
Revocation of Consent
In those cases in which we rely on your consent for the processing of your personal data, for example, to use your information for marketing purposes or to process non-essential financial and asset data, you have the right to revoke such consent. This means that you may at any time withdraw the authorization you have provided for us to continue processing your personal data under certain circumstances.
It is important to mention that we will not always be able to immediately comply with your revocation request or automatically conclude the processing of your data, since there are situations in which processing may be necessary for the provision of the service you requested, for compliance with an ongoing legal obligation, for example, invoices already issued or tax documentation that we must retain by law, or because the law otherwise permits us to process it. Likewise, revocation of consent will not have retroactive effects, meaning that we cannot undo processing that was already carried out based on your consent validly granted at the time.
To revoke your consent, you must submit a request following the same procedure described in the ARCO rights section, providing the indicated information and documents. In your request, you must clearly specify which consent you wish to revoke; for example, you may indicate that you revoke your consent for the processing of your data for advertising purposes. Once your request has been received, we will communicate the response within the legal periods, 20 business days, and, if applicable, from that moment we will cease using your personal data for the purposes for which you have revoked your consent.
Limitation of the Use or Disclosure of Your Data
In addition to the rights already mentioned, you may limit the use or disclosure of your personal data in the following ways:
• Exclusion from promotional communications: if you no longer wish to receive promotional, advertising, or marketing messages from us, you may request at any time to be included in our internal exclusion list. This means that we will mark your data in our database as “do not contact for promotional purposes,” ensuring that you stop receiving telephone calls, emails, text messages, or other communications of this nature. To do so, simply send a request to the email address previously mentioned, or follow the “unsubscribe” instructions included in our promotional emails.
• Other specific limitations: if you wish to impose any particular restriction on the handling of your data, for example, requesting that we not share certain information of yours with affiliates or non-obligated third parties, or choosing that your data be used only for certain services, you may inform us through a written request or by email at the address indicated above. We will analyze your request and, if it is valid under the law, we will record the specific limitation requested.
Additionally, we remind you that there is a Public Registry to Avoid Advertising (REPEP) of the Federal Consumer Protection Office, where you may register your telephone number to limit the receipt of advertising communications from any company, not only from our company. For more information about this public registry, you may consult PROFECO’s website or contact that institution directly.
Use of Cookies and Internet Tracking Technologies
On our online platform and official website www.abucombal.com.mx, we may use “cookies” and other tracking technologies, such as web beacons, pixels, or similar tools, that collect information during your browsing. Cookies are text files that are automatically downloaded to the electronic device you use when browsing our website and allow the server to remember certain user data, such as language preference, geographic region, browser type, pages visited, among other characteristics. These data are used to improve the user experience on our sites, enable the use of certain personalized functions, such as keeping your session active or remembering the contents of your shopping cart, as well as to obtain usage metrics, site performance data, and, in some cases, offer advertising according to your interests.
We inform you that you may disable the use of cookies by adjusting the privacy settings of your Internet browser. However, by disabling or blocking all cookies, you may experience limitations in the functionality of certain features of our website. For more details about the use of cookies and how you may manage them, you may consult the specific cookie notice available on our site or contact us.
Security Measures Implemented
We have implemented administrative, technical, and physical security measures to protect your personal data, which we periodically review and update. These measures include training our personnel in privacy matters, limiting access to information only to authorized personnel who need to know such data, using security locks on physical files, computer systems with restricted access, firewalls, encryption of sensitive data, and confidentiality agreements with our personnel and third-party suppliers. Although no data transmission or storage can guarantee 100% security, we strive to safeguard your personal data to prevent its loss, misuse, alteration, unauthorized access, or theft. In the event of any security breach that significantly affects your economic or moral rights, we will notify you immediately so that you may take the corresponding measures, in accordance with the provisions of the Law.
Changes or Updates to the Privacy Notice
This Privacy Notice may be modified, updated, or adapted in the future in order to reflect changes in our information practices, incorporate new security measures, or address legislative, regulatory, or other requirements. Any substantial or total change made to this Privacy Notice will be communicated to you through appropriate means. Usually, we will publish the updated versions of the notice on our official website, already referred to in the privacy section, or make them available at our offices or physical establishments. We recommend that you periodically review the content of this Privacy Notice through our official channels to stay informed about how we protect your information. If the changes require obtaining your new consent, we will inform you in due time, for example, if in the future we wish to process your personal data for additional purposes not described herein, we will request your prior authorization.
Date of last update: December 08, 2025.
Acceptance of the Notice
By voluntarily providing your personal data, whether in person, electronically, or by any other means, it is understood that you have read, understood, and accepted the terms of this Privacy Notice. However, with respect to our employees, their Sensitive Personal Data, including clinical history, diagnoses, and contraindications, are conditioned and subject to their express written consent, manifested through the handwritten signature included in the section “Special acceptance for the processing of personal data considered sensitive.” If you do not grant such written consent for the processing of your Sensitive Personal Data, we will refrain from collecting and processing it, without this affecting the employment relationship or the other purposes of this Notice that do not depend on such data.
If you have any questions or comments regarding this Privacy Notice, please contact us through the email addresses provided in this notice or at the address indicated at the beginning, addressed to the Personal Data Protection Department. We will be available to provide the assistance you require regarding privacy and personal data protection.
Name of the personal data subject: _________________________
Signature: ___________
Date: //___