Privacy Notice

Business Process Solutions S.A. de C.V. hereinafter Xamai, with domicile at Miguel Laurent 804, floor 7, Col. Letrán Valle, Delegación Benito Juárez, Ciudad de México, C.P. 03650, is responsible for the processing of your personal data.

How to contact us?

Legal area located at Miguel Laurent 804, floor 7, Col. Letrán Valle, Delegación Benito Juárez, Ciudad de México, C.P. 03650, email: mmunoz@scanda.com.mx, with attention to María Eugenia Múñoz Flores. Your personal data will be used for the following purposes: 

 

  • Market our products and services.
  • Conduct telephone or electronic campaigns to promote new products and/or services with our clients.
  • Inform about new products, services, or changes related to the contract or purchases made by our clients.
  • Statistical and market analysis.
  • Invitation to events and webcasts organized by the Group and the companies that comprise it.
  • Evaluate the quality and satisfaction with the products and/or services acquired by our clients.
  • Comply with obligations undertaken with our clients.
  • Comply with obligations undertaken with our suppliers.
  • Comply with requirements made by authorities, when necessary to safeguard the public interest, the administration of justice, and the pursuit of justice.
  • For the aforementioned purposes, we require obtaining the following personal data:
  • Full name, company where they work, email address, phone numbers, position.

 

For the purposes indicated in this privacy notice, we may collect your personal data in various ways: when you provide it to us directly; when you visit our website or use our online services, in the activities you carry out within our facilities, and when we obtain information from other sources permitted by law. We collect your personal data directly when you provide it to us through various means, such as when you provide us with information in order for us to provide you with a service. As well as the personal data that we collect when you visit our website or use our online services or personal data that we collect through other sources permitted by law.

 

We may obtain information about you from other sources permitted by law, such as telephone or employment directories. We inform you that to fulfill the purposes outlined in this privacy notice, sensitive personal data will be collected and processed, such as those referring to current or future health status, genetic information, religious, philosophical, and moral beliefs, union affiliation, sexual preferences, etc. We commit to treating them under the strictest security measures that guarantee their confidentiality. In accordance with what is established in Article 9 of the aforementioned law, we require your express consent for the processing of your sensitive personal data, so we ask you to indicate whether you accept or not the processing: 

 

By submitting Xamai forms, you consent to your sensitive personal data being processed in accordance with the terms and conditions of this privacy notice.

 

You may stop receiving promotional messages by email by notifying us at the following email address: mmunoz@scanda.com.mx  You also have the right to access the personal data we hold and the details of the processing of the same, as well as to rectify it in case of inaccuracy or incompleteness; to cancel it when you consider that it is not required for any of the purposes stated in this privacy notice, is being used for non-consented purposes, or the contractual or service relationship has ended, or to object to the processing of the same for specific purposes.

 

The mechanisms that have been implemented to exercise these rights are through the submission of the respective request at: mmunoz@scanda.com.mxThe data subject or their legal representative may request from the data controller at any time access, rectification, cancellation, or opposition, with respect to the personal data that concern them. The request for access, rectification, cancellation, or opposition must be presented in writing to the personal data privacy department by email: mmunoz@scanda.com.mxThe request must contain and be accompanied by the following: 

 

  1. The name of the data subject, address, as well as a telephone and another means to communicate the response to their request;
  2. Cona endalidad of acreditar your identityad, la persona physicala must anexar a your original applicational and copya para your comparison, of asome of the following documents: 
    1. valid passport
    2. voter ID card
    3. professional ID
    4. valid migration document issued by the competent authority (in the case of foreigners)
    5. Consular Enrollment Certificate
    6. Electronically signed and protected by a valid digital certificate

  3.  If the application is submitted through a legal representative, a power of attorney signed by the data subject must be attached, expressly stating that said legal representative is authorized to exercise the rights of access, rectification, cancellation, and opposition on behalf of and in the name of the user, duly notarized to ensure legal certainty for both the interested party and the institution itself. Such power of attorney shall contain no annexes of the identification documents of the user previously mentioned in number two.
  4. La description clara and precisa of the datos personales respecto de los que se busca ejercer alguno de los derechos antes mencionados.
  5. Any other element or document that facilitates the location of the personal data.
  6. In requests for rectification of personal data, the user of the services must clearly indicate, in addition to what has been stated previously, the modifications to be made and provide the documentation supporting their request.
  7.  El responsable comunicará al usuario de los servicios en un plaup to a maximum of fifteen daysas, contatwo from la datea on which thea request for aaccess, rectificationation, caelalation or opposition, thea determinaation adoptadaa effect that, if it isa procedural, it will beaga effectivea la samea within the fifteen daysafollowing a la datea in which they communicatea la responsea.
  8. Traregarding requests of aaccess a datos personales, will proceed la deliverya, previoa acreditation of la identityad of the applicantante, usuario of the services or representante legal, as appropriatea. The plazos señalados serán contados por días hábiles. La obligación de aaccess a la información se dará por cumplida cuando se pongaa disposición del usuario de los servicios los datos personales; o bien, mediante la expedición de copias simples, documentos electrónicos o cualquier otro medio que se le informe al usuario de los servicios una vez realizada la solicitud.

 

The aforementioned deadlines may be extended only once for an equal period, provided that the circumstances of the case so warrant.

 

    1. The data controller may deny access to personal data, or fail to rectify or cancel it, or grant opposition to its processing, in the following cases:
      1. when the applicant is not the owner of the personal data, or the legal representative is not duly accredited for that purpose.
      2. When the applicant's personal data is not found in its database.
      3. When the rights of a third party are violated.
      4. When there is a legal impediment, or a resolution of a competent authority, that restricts access to personal data, or does not allow rectification, cancellation or opposition to it, and
      5. When the rectification, cancellation or opposition has already been previously carried out. The denial referred to above may be partial, in which case the data controller will effect the access, rectification, cancellation or opposition requested by the user of the services in a partial manner.

 

The delivery of personal data will be free of charge, and the user of the services will have to cover the justified expenses of sending or the cost of reproduction in copies or other formats. The data controller will inform the owner, within a maximum period of fifteen days, counted from the date on which the request for access, rectification, cancellation or opposition was received, of the determination adopted, so that, if it is appropriate, it is made effective within the fifteen days following the date on which the response is communicated. In the case of requests for access to personal data, prior accreditation of the identity of the applicant or legal representative, as appropriate, will be required. The deadlines indicated will be counted in business days. The obligation to access the information will be deemed fulfilled when the personal data is made available to the owner; or by issuing simple copies, electronic documents or any other means that will be informed to the owner once the request has been made. If the owner requests access to the data to a person who presumes to be the data controller and this turns out not to be, it will be sufficient to indicate this to the owner by any of the aforementioned means, in order to consider the request fulfilled. The data controller may deny access to personal data, or fail to rectify or cancel it, or grant opposition to its processing, in the following cases:

 

  1. when the applicant is not the owner of the personal data, or the legal representative is not duly accredited for that purpose;
  2. When the applicant's personal data is not found in its database;
  3. When the rights of a third party are violated.
  4. When there is a legal impediment, or a resolution of a competent authority, that restricts access to personal data, or does not allow rectification, cancellation or opposition to it,
  5. When the rectification, cancellation or opposition has already been previously carried out. This right will be exercised by the owner free of charge, after accreditation of their identity before the data controller. However, if the same person reiterates their request within a period of less than twelve months, the costs will not be greater than three days of the current general minimum wage in the area of the information controller, unless there are substantial modifications to the privacy notice that motivate new consultations.

 

Your personal data may be transferred and processed within and outside the country, by persons other than this company. In this sense, your information may be shared with subsidiaries, controlled companies, shareholders, partners and third parties with whom we have commercial relationships, for the purpose of fulfilling contractual obligations, requirements of competent authorities and those inherent in our corporate purpose. We are committed to not transferring your personal information to third parties without your consent, except for the exceptions provided in Article 37 of the Federal Law on Protection of Personal Data Held by Private Parties, as well as to carry out this transfer in the terms established by that law. Unless the cases established in Article 37 of the aforementioned law, if you do not express your opposition to the transfer of your personal data, it will be understood that you have granted your consent for it.

 

Due to the fact that we will transfer sensitive personal data, we require your express consent, in accordance with what is established in Article 9 of the aforementioned law, so we request you to indicate whether you accept this transfer:

 

We reserve the right to make changes or updates to this privacy notice at any time, for the purpose of attending to legislative developments, internal policies or new requirements for the provision or offering of our services or products. These modifications will be available to the public through the following means:

 

  • visible announcements in our establishments or customer service centers;
  • brochures or leaflets available in our establishments or customer service centers;
  • on our website [*], privacy notice section;
  • or we will send them to the last email address you have provided us.

 

Cookies are text files that are automatically downloaded and stored on the user's computing device's hard drive when browsing a specific internet page, allowing the internet server to remember some data about this user, including their preferences for displaying pages on that server, name, and password. Web beacons, on the other hand, are images embedded in an internet page or email, which can be used to monitor the behavior of a visitor, such as storing information about the user's direction of travel, duration of interaction time on that page, and the type of browser used, among others. We inform you that we use cookies and web beacons to obtain personal information from you, such as the following: your browser and operating system type, the internet pages you visit, the links you follow, your IP address, and the site you visited before entering ours.

These cookies and other technologies can be disabled; to learn how to do so, please consult the following link or electronic address. mmunoz@scanda.com.mx If you believe that your right to the protection of your personal data has been violated by the conduct of our employees or by our actions or responses, and you presume that there is a violation of the provisions foreseen in the Federal Law on the Protection of Personal Data Held by Private Parties, you may file the corresponding complaint or denunciation with the IFFAI. For more information, visit www.ifai.org.mx.

The texts, photos, and any other information published on this website are - unless expressly stated - the property of XAMAI. Any use, storage, copying, or reproduction of its content, even in parts, is only permitted with express written authorization. XAMAI is a registered trademark.

 

en_USEnglish
es_MXEspañol de México es_ESEspañol en_USEnglish