In accordance with the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties, as well as its Regulations and the Guidelines issued (collectively, the Law), we hereby inform you, for all legal purposes, of the following:
Here4Design, (hereinafter the “Data Controller”), with registered office at Paseo de la Arboleda, No. 677, Colonia Jardines del Bosque, Guadalajara, Jalisco; ZIP Code 44520. is responsible for your personal data in accordance with this privacy notice, in compliance with the Federal Law on the Protection of Personal Data Held by Private Parties (the “Law”).
The Data Controller will act as the data controller in accordance with the terms set forth in the Law and its Regulations, and will therefore be responsible for protecting the confidentiality of the personal, sensitive, financial, or proprietary data of each of its clients.
The Data Controller notes that for any matters related to the processing of personal data by the aforementioned institutions, the following contact methods are available:
Through this Privacy Notice, the Data Controller hereby states that the MAIN PURPOSES of processing your personal data are as follows, which are necessary for the requested service:
DATA PROCESSING
Offices: Paseo de la Arboleda, No. 677, Colonia Jardines del Bosque, Guadalajara, Jalisco; ZIP Code 44520.
Email support: [email protected]
Personal data shall be understood to mean any information relating to an identified or identifiable natural or legal person, and sensitive personal data shall be understood to mean data that affects the most intimate sphere of the data subject or whose misuse could give rise to discrimination or pose a serious risk to the data subject, in accordance with the provisions of the Law.
The processing of personal data by the Data Controller will be limited to fulfilling the purposes of processing set forth in this Privacy Notice.
PURPOSES OF DATA PROCESSING
(i) COMMERCIAL PURPOSES
Provide a quote for your service.
Answer your questions and address your comments regarding the web, corporate, and graphic design services offered on our website.
(ii) MARKETING PURPOSES:
Specifically, the Data Controller will carry out the following:
Offline and/or online marketing and promotional activities (telemarketing and direct mail)
Phone calls and emails to verify customer information.
If you do not wish for your personal data to be processed for these additional purposes, you may indicate so below:
I do not consent to the use of my personal data for the following purposes:
[ ] Marketing or advertising.
[ ] Phone calls.
To exercise this right, you may now send a request to withdraw your consent to the following email addresses: [email protected]
Refusing to allow us to use your personal data for these purposes will not be grounds for us to deny you the products and/or services you request.
PERSONAL DATA COLLECTED
To carry out the activities described in this Privacy Notice, the Data Controller will use the following personal data about you:
The personal identification data that will be processed (which may be collected in person or online):
Account holder’s full name
Cell phone number
Email address
Here4Design will not collect sensitive personal data; however, if it does, Here4Design will do so in accordance with Article 9 of the Law, under which you may refuse or consent to the collection of sensitive personal data.
Personal data is collected through: (i) direct collection, online, or by any other means permitted by law; (ii) the voluntary completion of data collection forms via digital means; (iii) the submission of documents in person or electronically, including, but not limited to, fax, telex, telegram, email, instant messaging, and other means; (iv) through transfer from third parties under the terms established by the Law and its Regulations. Such virtual or digital means shall be: Instagram®️, WhatsApp®️, and Facebook®️ accounts, as well as the website https://here4design.com/, which shall hereinafter be collectively referred to as the “Site”.
*** Translated with www.DeepL.com/Translator (free version) ***
You further represent and agree that you have obtained the consent of any individuals whose personal data you provide in connection with the services provided by the Data Controller, as well as of any other individuals you authorize, on the understanding that such data will be governed by this Privacy Notice.
The Data Controller informs you that your personal data may be collected directly and in person by the staff at the customer service center; these staff members will be properly identified.
TRANSFER OF PERSONAL DATA
The individual or company to whom the personal data is disclosed agrees to be subject to the processing of such data in accordance with this Privacy Notice.
Unless it falls under any of the provisions of Article 37 of the Law.
If you do not expressly object to the transfer of your personal data to third parties, it will be understood that you have granted the Data Controller your tacit consent for such purpose.
In the event that the Data Controller transfers the personal data of its contacts and/or customers and/or any of its current or future subsidiaries, internal staff from other departments, and/or third parties, for the purpose of carrying out the processing purposes set forth in this Privacy Notice, it will do so only after entering into confidentiality agreements and provided that:
RIGHTS OF ACCESS, CORRECTION, CANCELLATION, AND OBJECTION (A.R.C.O.)
You have the right, either directly or through a legal representative, to access, correct, delete, or object to the processing of your personal data, in accordance with the terms and subject to the exceptions set forth in the Law and its Regulations, as well as any applicable provisions.
To access, correct, delete, object to, or restrict your personal data, you must send a request addressed to Roy José Flores Del Toro or [email protected]; all requests must include the following:
I. Name of the data subject, as well as an email address to which the decision may be sent.
II. Documents proving your identity.
III. A clear and precise description of the personal data regarding which you wish to exercise any of the aforementioned rights.
IV. Any other information or documents that may facilitate the identification of the personal data.
V. In the case of rectification, you must indicate the changes to be made and provide documentation supporting your request.
The Data Controller shall notify the data subject within fifteen business days from the day following receipt of the request; this period may be extended by the Data Controller on a one-time basis for an equal period. The Data Controller shall inform the data subject of the decision reached and the date on which the notification will take effect, which may not exceed ten business days.
The decision will be communicated to the individual via the email address used to submit the request.
Similarly, the data subject is hereby informed that they may file a data protection request with the National Institute for Transparency, Access to Information, and Protection of Personal Data (I.N.A.I.) regarding the response received or the lack of a response from the Data Controller. Such a request must be submitted by the data subject within 15 business days following the date on which the response is communicated .
In the case of requests for access to personal data, the requester—whether the data subject or their legal representative—must first verify their identity. The obligation to provide access to the information shall be deemed fulfilled when the data controller makes the personal data available to the data subject via electronic documents.
If a person requests access to personal data from the Data Controller, assuming that the Data Controller is the data subject and/or the data controller, and it turns out that this is not the case, it will suffice to inform the person of this fact via email.
The response to a request for access, correction, deletion, or objection regarding personal data will be provided free of charge. You will only be required to cover reasonable shipping costs or the cost of reproducing the information in copies or other formats. In the event that the same person repeats the request for ARCO Rights within a period not exceeding 12 twelve months from the date of the last request, the response to the request may incur an additional cost in accordance with the Law.
REFUSAL TO ACCESS PERSONAL DATA
The Data Controller may deny access to all or part of the personal data or refuse to correct, delete, or object to the processing of such data in the following cases:
When the requester is not the data subject or the legal representative, and/or cannot provide reliable proof of identity.
When the requester’s personal data cannot be found in the controller’s database.
When the rights of a third party are infringed.
When there is a legal impediment or a ruling by an authority.
When the correction, deletion, or objection has already been processed.
CONSEQUENCES OF CANCELLATION
The deletion of personal data will result in a retention period, after which the Data Controller will proceed to delete the personal data.
Once the relevant personal data has been deleted, the Data Controller will notify the data subject. Once this has been done, the Data Controller may retain the personal data solely for the purposes of fulfilling the obligations arising from the processing.
If personal data has been disclosed to third parties prior to the correction or deletion and is being processed by those third parties, the Data Controller must notify them of the request submitted by the data subject so that they may proceed to make the corresponding corrections or deletions.
CONSENT OR OBJECTION TO THE PROCESSING OF PERSONAL DATA
In order for the Data Controller to process personal data, data subjects must provide their express or implied consent to such processing, which may be given through the following means:
ACCEPTANCE
A. Publication on the Site.
The Data Controller will publish this Privacy Notice on its Website so that, once you have read it, you may grant or deny your consent for the Data Controller to process your personal data.
B. A.R.C.O. Rights Exercised in Person.
When personal data is obtained directly from the data subject, the Data Controller will make this Privacy Notice available to the data subject at the time their personal data is collected, in a clear and reliable manner, through the forms that the Data Controller uses or may come to use.
C. ARCO Rights by Implied Consent.
Pursuant to the provisions of Article 8 of the Law, the content of this Privacy Notice, as well as any modifications or additions thereto, will be communicated to you through any of the established means, and if you do not express opposition to the content and scope thereof within a period of 30 calendar days, counted from the date on which the Data Controller informs you of the Privacy Notice, it will be understood that you grant your tacit consent.
D. ARCO rights, retroactively.
For all our customers, prospects, affiliates, and/or data subjects who have provided us with their personal data—whether by filling out registration forms to obtain information or quotes for the products and/or services of the Data Controller—the Privacy Notice will be made available to them in accordance with the provisions of the preceding sections, so that they may grant or deny their consent (express or implied).
OPPOSITION
In order to ensure the protection of your personal data and to prevent its unauthorized use or disclosure, the Data Controller continuously takes and will continue to take the following measures:
RESTRICTIONS ON THE USE OR DISCLOSURE OF PERSONAL DATA
A. Confidentiality of Information.
The Data Controller will maintain the confidentiality of the personal data collected from you, which will remain in effect even after the termination of your business or other relationships with the client or the data subject.
B. Privacy Notice.
In the event that, for any reason, the Data Controller is required to provide your personal data to third parties (in accordance with the terms set forth in the Law or in this Privacy Notice), it will notify such third parties of their obligation to comply with the provisions established in the Law and to maintain the confidentiality of your personal data.
C. Database Management.
Personal data is managed and safeguarded through the use of databases, which are managed solely by individuals designated by the Data Controller for that purpose; unauthorized persons are not permitted to use, view, handle, or access this data.
D. Computer and IT Systems.
Our Databases are protected by firewalls and computer and/or IT systems designed to prevent and stop individuals outside the Data Controller or unauthorized persons from accessing your personal data.
TRACKING TECHNOLOGIES ON OUR WEBSITE
Please be advised that the websites operated by the Data Controller may use cookies, web beacons, and other tracking technologies to monitor your behavior as an internet user, as well as to provide you with a better service and user experience while browsing these websites.
Cookies: are text files that are automatically downloaded and stored on a computer’s hard drive when browsing a specific website. They allow the web server to remember certain information about the user, including their preferences for viewing pages on that server, as well as their username and password.
Web Beacons: are images embedded in a web page or email that can be used to track a visitor’s behavior, such as storing information about the IP address, the duration of the visit to that page, and the type of browser used, among other things.
You may disable these technologies at any time if you wish. You can disable the use of cookies and web beacons directly from your browser.
CHANGES TO THE PRIVACY NOTICE
This Privacy Notice may be modified at any time in order to adapt it, without limitation, to our activities and/or changes in internal practices, or to future legal amendments that come into effect.
Any changes made to this notice will be communicated to you via email, WhatsApp®️ message, or any other means by which we can contact you. In addition, they will be made available on our website.
By making this privacy notice available to you, whether in person or through any means of communication, and if you do not immediately object, it will be understood that you have tacitly consented to the processing of your data. If you provide your data, whether verbally or in writing, via electronic means or any other technology, it will be understood that you have given your express consent.
I hereby declare under penalty of perjury that I have read this Privacy Notice in its entirety and fully understand its scope and content. I hereby grant my consent to the Data Controller to process my personal data in accordance with this Privacy Notice.
(Last modified October 2, 2024)