Privacy Notice

PRIVACY NOTICE OF ISATEL DIVISIÓN LABORATORIOS, S.C.

 

 

  1. PURPOSE AND LEGAL BASIS

 

This Privacy Notice of ISATEL DIVISIÓN LABORATORIOS, S.C. (hereinafter “ISATEL Laboratories”) is intended to define the scope and general conditions of the Personal Data processing (hereinafter the “Processing”), as well as to inform the Owners that they can take informed decisions and maintain control and disposition over the use of their data.

 

Likewise, this Privacy Notice allows ISATEL Laboratories to carry out said Processing in a transparent way, and thereby strengthen the level of trust of the Owners.

 

This, as provided in the second paragraph of Article 16 of the Mexican Constitution, which states that: “everyone has the right to the protection of their Personal Data, to access, rectify, and cancel them, as well as to express their opposition in terms of the law, which will also establish the exception cases to the principles that govern data processing, for national security reasons , public order provisions, public health and safety, or to protect the rights of third parties.”

 

 

The regulatory provision is the Federal Law on Protection of Personal Data in Possession of Private Parties and its Regulations (hereinafter “the Law” and its “Regulations”, respectively). This legal order establishes the definition of Personal Data which is “any information concerning an identified or identifiable NATURAL PERSON.

 

 

That is the reason for ISATEL Laboratories to provide this Privacy Notice available, as responsible for informing the Owners about the existence and main characteristics of the Personal Data processing, in order that you can exercise your rights to informative self-determination, privacy and protection.

 

 

  1. IDENTITY AND ADDRESS OF THE CONTROLLER

 

For the purposes of this Privacy Notice ISATEL DIVISIÓN LABORATORIOS, S.C., will be designed as the “Controller” in the Processing of Personal Data, which refer in an enunciative way to the obtaining, disclosure, storage, use, including access action, management, exploitation, transfer, or disposal of the data.

 

ISATEL Laboratories is a company legally incorporated under Mexican laws and is the owner of the website www.isalab.mx.

ISATEL Laboratories declares to be individually responsible to collect the Personal Data and indicates its address at Tamaulipas Avenue, 1172 Local 3, Garcimarrero, Álvaro Obregón, 01510, Mexico City.

 

 

The Controller by this Notice is committed to protect and respect the privacy of the Owner’s Personal Data and to observe the principles of legality, consent, information, quality, justification, loyalty, trust, proportionality, and responsibility.

 

  1. PERSONAL DATA THAT WILL BE PROCESSED

 

Personal Data that may be processed by the Controller, will be classified according to the following categories:

 

 

 

  1. a) Non-Sensitive Personal Data.

 

  • Identification data and contact information.
  • Location data.
  • Patrimonial, financial and tax data.
  • Demographic data.
  • Information about the consumer preferences regarding the offered services.

 

  • Information generated by other connected or used devices for browsing our website, including internet consumption and apps usage data.

 

  • Information that you provide us voluntarily for the attention of complaints, claims or information and service requests.

 

The Non-Sensitive Personal Data listed above may be obtained by any of the electronic means owned by the Controller, or directly and/or personally by any other means available to the Owner.

  1. b) Sensitive Personal Data.

We inform you that, for the objectives of this Privacy Notice, sensitive personal data will not be processed.

  1. PURPOSE OF THE PROCESSING OF PERSONAL DATA.

Personal Data collected by the Controller have the following purposes:

Primary. Those that are necessary for the existence, maintenance, and fulfillment of the legal relationship between the Controller and the Owner, which consist of:

  1. Confirm the identity of the Owner, so that it is possible to verify that the Personal Data contained and/or shown in the Owner’s identification documents match with the information held by the corresponding authorities.
  2. Keep the information and respond to requirements that may arise, by any competent authority.
  3. Carry out the management so that the Personal Data are updated, that is, accurate, complete, pertinent, and correct.
  4. Comply with the provisions contained in the Mexican Law for the Prevention and Identification of Operations with Illicit Resources.
  5. Provide the services that the Owners requests and carry out all actions necessary to achieve them.
  6. Formalize a contractual relationship between the Owner and the Controller and comply with the obligations contracted.
  7. Offer the Owner products and services through the electronic means owned by the Controller.
  8. Update the database of clients, users, and prospects.
  9. Attention to doubts, complaints, and clarifications, as well as receive suggestions and comments.
  10. Preparation of service quality surveys.
  11. Design, development, analysis, advertising and/or promotion of new products and services.
  12. Know the opinion, satisfaction, and experience of the services received by the Owner.
  13. Follow up and exercise of any lawful action in the event of breach of any legal and/or contractual obligations on the Owner’s part, related to payments or illicit conducts.

 

Primary. Those that are not necessary for the existence, maintenance, and fulfillment of the legal relationship between the Controller and the Owner, such as:

 

  1. Send communications related to offers, promotional messages, marketing, advertising, and commercial prospecting purposes.

 

  1. Follow up on the request to contract a service.

 

  1. Invite to events, conferences or workshops.

 

  1. Generate statistical information related to the services offered by the Controller

 

  1. DISCLOSURE OR USE LIMITATION FOR PERSONAL DATA PROCESSING.

ISATEL Laboratories has administrative, safety, physical and technical measures, as well as internal privacy policies and programs, which prevent the disclosure of protected Personal Data, in accordance with this Privacy Notice and the laws on the matter.

These efforts make possible to guarantee that the Processing of Personal Data is carried out under strict protection protocols and controls.

Personal Data will be processed as strictly confidential, so that the obtaining, transfer, and application of the rights derived from them, will be in accordance with adequate and legitimate use criteria, and permanently safeguarding the principles of legality, consent, information, quality, justification, loyalty, proportionality, and responsibility.

  1. RIGHTS OF ACCESS, RECTIFICATION, CANCELLATION OR OPPOSITION (ARCO RIGHTS).

The “ARCO” rights refer to the rights of Access, Rectification, Cancellation and Opposition that every Owner has to safeguard his/hers Personal Data. The Owner has the right to access their Personal Data held by the Controllers and the know the details of their Processing, to rectify and modify them if they are inaccurate, to cancel them when he/she considers that they are excessive or unnecessary for the purposes that justified their obtaining, or to oppose the processing of the data for specific purposes.

To request the application of any of the ARCO rights, the Owner can contact the Controller’s Personal Data Department, by email at laboratorios@isalab.mx, or at the following address: Tamaulipas Avenue, 1172 Local 3, Garcimarrero, Álvaro Obregón, 01510, Mexico City.

The Controller will send the Owner by the same means, an application form with instructions to be filled out, which must contain at least the following information regarding the Owner:

  1. Full name and address, email, or other means to communicate the response to the request.
  2. Scanned copy of the official document with which the Owner proves his/her identity, or in case the procedure is not carried out directly by the Owner, a power of attorney or the documents that give legal representation to his/hers representative.
  3. Indicate the requested right (Access, Rectification, Cancellation and Opposition).
  4. The clear and precise description of the Personal Data regarding the ARCO rights request.
  5. Any other element, information or document that facilitates the location of his/hers Personal Data.
  6. In the case of requests for Rectification of Personal Data, the Owner must indicate the modifications to be made and provide the documentation that supports his/her request.

 

 

The Controller will notify and respond the Owner by email or at the indicated address, within a period of no more than 20 business days from the date the request was received.

 

For an Opposition request, the Owner will always have the right to oppose the processing of his/hers Personal Data for legitimate reasons. If appropriate, the Controller will not be able to process them.

 

The Opposition will not proceed in those cases in which the processing is necessary for the fulfillment of a legal obligation contracted between the Owner and the Controller.

The Controller may deny access, rectification, cancelation, or opposition of Personal Data processing, in the following cases:

  • When the applicant is not the Owner, or the legal representative is not duly accredited.
  • When the Personal Data is not found in the Controller’s database.
  • When the rights of a third party are injured.
  • When there is a legal impediment or the resolution of a competent authority that restricts Access, Rectification, Cancellation or Opposition of Personal Data.

 

  • When the Access, Rectification, Cancellation or Opposition have been made previously, and there are no changes in the conditions of the Personal Data held by the Controller.

The exercise of any of the ARCO rights does not limit the exercise of any other right.

In the event of refusal to a request of ARCO rights, the Controller will duly inform the Owner or the legal representative of the reason for the decision, within times and by the means indicated above.

If the Owner feels dissatisfied by the response issued by the Controller, or he/she considers that his/hers ARCO rights have been injured, the Owner has the action of protection of rights or complaint, as appropriate, provided and attended by the Mexican Institute of Transparency, Access to Information, and Protection of Personal Data (“INAI”).

  1. TRANSFER OF PERSONAL DATA.

ISATEL Laboratories may transfer data within and outside the national territory, to third parties (organizations, institutions, companies, and entities public or private), without the need for the Owner’s express or tacit consent, in the following cases:

  1. When the transfer is established in an international law or treaty.
  2. When the transfer is necessary for the medical prevention or diagnosis, the provision of health care, medical treatment, or the management of health services.
  3. When the transfer is made to holding companies, subsidiaries, or affiliates under the common management of the Controller, to a parent company, or to any company of the same group of the Controller, that operates under identical internal processes and policies.
  4. When the transfer is necessary due to a contract entered into or to be entered into following the interest of the Owner, between the Controller and a third party.
  5. When the transfer is necessary or legally required to safeguard the public interest, or for justice administration.
  6. When any authority, federal, state and/or municipal government office, in the exercise of its functions, requests the Owner’s Personal Data as part of a legal process, or in a specific case, by court order.
  7. In terms of what is established by article 37 of the Law, or in any other case of exception provided by the applicable laws, as long as the Personal Data processing complies with this Privacy Notice.
  8. When the transfer is necessary for the recognition, exercise, or defense of a right in a judicial or extrajudicial process, or for public order functions.
  9. In the event of breach of any legal and/or contractual Owner’s obligations, regarding payments or due to situations that may represent or be considered fraud or comparable illegal conduct.
  10. When the transfer is necessary for the maintenance or fulfillment of a legal relationship between the Controller and the Owner.

Third parties and entities receiving Personal Data will be informed of this Privacy Notice and its content and will assume the same obligations and/or responsibilities as ISATEL Laboratories in their capacity as Controllers.

  1. PRESERVATION AND SECURITY OF PERSONAL DATA.

The Controller will keep the Personal Data of the Owner as long as necessary, according to the purposes of its Processing established in this Notice, and in terms of the Law, its Regulations, and the other applicable provisions, always protected by security measures and adequate protocols to prevent damage, loss, alteration, destruction, use, access, or unauthorized processing.

  1. EXCLUSIONS OF LIABILITY

ISATEL Laboratories will not be responsible in any case for the treatment that users and/or third parties may make of its website, or the content published on it.

The Controller’s website uses technical link devices (“links”), directories and search tools that allow the users to access to webpages and/or websites owned and/or managed by third parties. The Controller does not have a direct relationship with or manage said sites, so it does not approve or endorse the products, services, content, information, data, files, and any kind of material published on them.

In turn, ISATEL Laboratories declares that it is not responsible for the use of data or information provided by the Owner on any website other than www.isalab.mx. The information or Personal Data that the Owners enter or transfer on third-party websites are the sole responsibility of the Owner and the third parties that own said sites.

  1. USE OF COOKIES AND OTHER SIMILAR TECHNOLOGIES

In order to offer a better browsing experience to the user, the Controller uses various technologies to improve the efficiency of its website, as well as cybernetic tools called “cookies”. Cookies are small amounts of information sent by a website and stored in the user’s browser, so that the website can consult the previous activity of said browser, recognize it and remember things such as user preferences.

The Controller’s websites and applications can use different types of cookies, web beacons and tracking technologies, both its own and property of third parties, that fulfill the purposes reported in this Privacy Notice.

The user can configure his/her web browser in such a way that he/she controls in detail the cookies he/she wishes to accept or reject. If his/her browser settings are enabled to reject cookies, cookie-enabled sites will not recognize him/her when he/she visit a website again, and some of the site’s functionality may be lost.

The Controller does not collect Personal Data automatically within its website, and the information obtained by the cookies is used only for statistical purposes and for the functionality of the website. The indicated cookies are not intended to personally identify any user.

  1. CHANGES TO THE PRIVACY NOTICE

Changes or updates to this Privacy Notice will be published on ISATEL Laboratories’ website, www.isalab.mx, where the Owner will have available and can consult the updated version of it.

 

The Controller reserves the right to make any necessary changes or updates at any time, which will be valid from the moment of their publication on the website.

  1. CONSENT OF PROCESSING PERSONAL DATA.

The Owner expresses his/her informed and unequivocal consent to this Privacy Notice and authorizes the Controller to carry out the Processing of his/her Personal Data in accordance with this document, the Law, its Regulations, and other applicable regulatory provisions.