PRIVACY NOTICE

Privacy notice

Privacy Notice

-CUSTOMERS/DATA OWNERS-

 

  1. Identity and address of the party responsible for the processing of your personal data.

REDPACK, S.A. de C.V. (hereinafter referred to as the “Responsible Party”), is Responsible Party for collecting your personal data, for its processing and protection.

Contact details of the Responsible Party:

  • Address: Avenida Del Ferrocarril, 25 -1, Colonia Industrial Alce Blanco, Naucalpan de Juárez, Estado de México C.P. 53370.
  • Email datospersonales@redpack.com.mx.
  • Telephone: (55) 55 3682 4040.
  1. Purposes of personal data processing.

Personal data we collect from you will be used for the following purposes that are necessary for the service you request:

  • Transportation services of general cargo, courier and parcels, collection, transfer, tracking, delivery, tracking before, during and after delivery.
  • Provide tracking of the package’s path by means of the RADAR platform and website www.redpack.com.mx.
  • Create and update user accounts on the Platforms and through any of the digital media of the “Responsible Party.”
  • Contact the customer for advice and sale of transportation services of general cargo, courier and parcels.
  • Provide Customer support and assistance.
  • Verify identity, background and compliance with legal requirements.
  • Generate the contract for the provision of logistics, courier, parcel and related services.
  • Improve customer services.
  • Allow communication between users.
  • Generate customer file for the provision of general cargo transportation service, courier and parcels.
  • Offer, process or facilitate payments for our services.
  • Generate account statements and balances and issue Payment Codes, Bills of Lading, Invoices, bank reference for bank deposit and Digital Tax Receipt.
  • Enable accessibility and account customization features in the Platform
  • Address issues related to legal procedures.
  • Contact customer for collection.
  • Perform internal operations necessary to provide our services.
  • Conduct research and development for testing, analytics, product development, and machine learning to improve customer experience.
  • Send non-commercial communications to inform about changes to our terms and conditions, services or policies or other communications that are not intended to market courier and parcel and general cargo services.

In addition, we will use your personal information for the following purposes that are not necessary for the requested service, but allow us to better serve you:

  1. Send marketing communications of services or products by the Responsible Party.
  2. Invite you to events related to the activities of the Responsible Party.

As a Data Subject, you have five (5) business days to, if applicable, state your refusal to the processing of your personal data with respect to the secondary purposes mentioned above, under the terms and conditions set forth in paragraphs 6, 7 and 8 below. As a Data Subject, you may exercise your rights of consent revocation or opposition. In case you do not express refusal to the processing of your personal data prior to delivery or use, these terms remain unaffected.

  1. Personal data we collect.

We may collect your personal data for the aforementioned purposes in several ways: when you provide it to us directly, or by obtaining it indirectly, through other sources that are permitted by the Law and the Regulations.

We collect your personal data directly when you provide it to us in person, by filling out a paper or digital form, by email, by filling out an online form, apps, websites (via the internet), or by telephone.

The data that we obtain by these means is personal identification and contact data. Below is a list of Personal data that can be collected:

  • Full name.
  • E-mail.
  • Telephone numbers.
  • Full address.
  • Country of residence.
  • Date of birth.
  • Place of birth.
  • Country of birth.
  • Activity, occupation or profession, if necessary.
  • Official and valid identification data (voter’s card, license or valid passport).
  • Length of service, if necessary.
  • Social security number, if necessary.
  • Proof of Tax Status, if necessary.
  • Report of compliance with tax obligations issued by the SAT, if necessary.
  • Report of compliance with obligations issued by the IMSS, if necessary.
  1. Sensitive personal, financial and property data that we collect.

Sensitive personal, financial and patrimonial data are also collected for some specific processes. Such personal data includes the following:

  • Transaction information related to the use of our services (payment method).
  • Bank account balances.
  • Associated banks.
  • CLABE number.
  • Account number.
  • Gross monthly income, if necessary.

Such data may be collected from the Holder through any of the aforementioned means.

In accordance with the provisions of Articles 9 and 16 of the Federal Law on Protection of Personal Data Held by Private Parties, when the Responsible Party collects such data from you, you will be asked for your express consent for the processing of this data, so we will ask you, at the time, to state whether or not you accept the processing, and if you accept it, provide us your consent in writing, through your signature, electronic signature, or any authentication mechanism that is set forth for such a purpose.

  1. Transfers/referrals of personal data within Mexico and abroad.

Your personal data may be transferred/transmitted and processed inside and outside the country, to authorities and companies of the Group, subsidiaries and/or affiliates of the Responsible Party. We undertake not to transfer your personal information to third parties without your consent, with the exceptions stated in article 37 of the Federal Law for the Protection of Personal Data Held by Individuals, as well as to conduct this transfer in the terms established by said Law. It should be noted that to comply with the maintenance or fulfillment of a legal relationship between the Controller and the Data Subject, the transfer of their personal data is necessary for the purposes mentioned below.

The aforementioned transfers will be conducted in the following manner:

Transfer/Referral Receiver Country Purpose
Referral Law Firms. Mexico Delinquent collection.
Referral Notary Public. Mexico Notarized testimony.
Referral Independent third-party contractors Mexico

·   Conduct the transport of packages for delivery to a final destination, conducting the collection, transfer, delivery, tracking and delivery of the package in predetermined times.

·   Provide tracking of the package’s path through our radar platform and website www.redpack.com.mx.

·   Provide support and assistance to the Client.

·   Verify identity, background and compliance with legal requirements.

·   Enable transportation, delivery and other related services.

·   Follow up contact, before, during and after the delivery of the transported goods.

·   Allow communication between users.

·   Generate customer file for the provision of transport services.

·   Offer, process or facilitate payments for services.

·   Address issues related to legal procedures.

·   Contact customer for collection.

·   Perform internal operations necessary to provide services or products.

Transfers Insurance and Bonding Companies. Mexico Contract and pay for insurance to cover loss or damage to cargo.
Transfer Controlling companies, subsidiaries or affiliates under the common control of the Responsible Party, a parent company or any company Group. Mexico Send marketing communications of services or products by the Responsible Party.

 

For further information regarding the recipients and purposes of the aforementioned transfers/referrals, please contact the Responsible Party at the numbers and e-mail addresses stated above.

  1. Means to exercise the rights of Access, Rectification, Cancellation or Opposition (ARCO).

You have the right to know and access your personal data and the details of its processing (Access); as well as to rectify it when inaccurate or outdated and/or incomplete (Rectification); to request that it be removed from our records or databases when you consider that it is not being used in accordance with the principles, duties and obligations under the regulations (Cancellation); or oppose its processing for specific purposes (Opposition). These rights are known as ARCO rights.

They have been implemented as a mechanism for the exercise of such rights through the submission of a request to the Responsible Party, either personally at the corresponding address or by sending an email to the previously specified email address. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) Simple copy of official identification (voter’s card, license or valid passport) or document by which the legal representation of the Data Subject is evidenced; iii) Express indication of the ARCO right to be exercised; iv) Clear and precise description of Personal data with respect to which the exercise of any of the aforementioned rights is intended; v) Any other element that facilitates the location of Personal data. In case of exercising the right of rectification, the Data Subject must additionally include: the modifications to be made and the documentation supporting such request.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure for exercising rights, such as deadlines or when to proceed, please contact us via email, to the telephone numbers and email addresses mentioned above.

  1. Mechanisms and procedures for the holder, where appropriate, to revoke their consent at any time.

As a Data Subject, you may revoke the consent that, if applicable, you have given us for the processing of your personal data. However, it is important that you consider that we cannot meet your request in all cases or terminate the use immediately, since it is possible that by law we require to continue processing your personal data. Also, you should consider that, for certain purposes, the revocation of your consent will mean that we can no longer provide the service you requested or end your relationship with us.

To revoke your consent, you must submit your request to the Responsible Party to the address set forth in paragraph 1 of this Privacy Notice or send it via email. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) Simple copy of official identification (voter’s card, license or valid passport) or document by which the legal representation of the Data Subject is accredited; iii) Express indication that you revoke your consent for the processing of your data.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For further information regarding the procedure and requirements for the revocation of consent, you may contact the Responsible Party at the telephone numbers and e-mail addresses mentioned above.

  1. Choices and means to limit the use or disclosure of personal information.

You may limit the use and disclosure of your personal information by contacting the Responsible Party, at the telephone numbers and emails stated above, to determine whether we can agree to your request in terms of the LFPDPPP and its Regulations, based on the business relationship you have with the Responsible Party.

  1. Security measures implemented.

We have implemented administrative, physical and technical security measures for the protection of your personal data to prevent loss, misuse or alteration of your information.

In the event that for any reason a security breach occurs with respect to Personal data we process, and that such breach significantly affects your economic or moral rights, we will contact you by email or telephone to inform you of: i) the nature of the incident; ii) Personal data compromised; iii) the recommendations about the measures you can take to protect your interests; iv) the corrective actions taken immediately. You may also contact the Controller at any time to obtain further information in this regard.

  1. Modifications to the privacy notice.

This Privacy Notice may be modified or updated, deemed appropriate, from time to time. You may find its updated version on the Website, or you may request it at any time by sending an e-mail to the e-mail address mentioned in the previous section. The date at the end of this document will indicate when the last update was made, as a result of changes to provisions, or jurisprudence, internal policies, new requirements for the provision or offering of our services or products and / or market practices.

  1. Use of Cookies and Web Beacons.

Cookies are text files that are automatically downloaded and stored on the hard drive of the user’s computer  when browsing a specific Internet site, which allow the Internet server to remember some data about the user, including their preferences for viewing sites on that server, date and time of access, name and password. Web beacons are images embedded in an Internet site or email, which can be used to monitor the behavior of a visitor, such as storing information about the user’s IP address, duration of interaction time on the site and the type of browser used, among others. We hereby inform you that we use cookies and web beacons to obtain personal information from you, and we collect personal data through the use of cookies to obtain personal information from you, such as the following:

  • Your browser type and operating system.
  • The Internet sites you visit.
  • The links you click on.
  • The IP address.
  • The site you visited before entering our site.
  1. The right to promote rights protection and verification procedures by the Institute.

If you believe that your rights have been violated by any conduct of our employees or our actions or responses, or that in the processing of your personal data there is any violation of the provisions of the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations and other applicable laws, you may file a complaint with the National Institute for Transparency, Access to Information and Protection of Personal Data (INAI) For more information visit: https://home.inai.org.mx/

The Data Subject agrees to this Privacy Notice and provides consent to the processing of personal data.

 

 

Privacy Notice

Suppliers/Providers /Contractors

  1. Identity and address of the responsible party for the processing of your personal data.

REDPACK, S.A. de C.V. (hereinafter referred to as the “Responsible Party”), is responsible for the collection, processing and protection of your personal data.

Contact details of the Responsible Party:

  • Address: Avenida Del Ferrocarril, 25-1, Colonia Industrial Alce Blanco, Naucalpan de Juárez, Estado de México C.P. 53370.
  • Email datospersonales@redpack.com.mx.
  • Telephone: (55) 55 3682 4040.
  1. Purposes of the processing of personal data.

Personal data we collect from you will be used for the following purposes that are necessary for the service you request:

  • Enter into the corresponding contracts for the formalization of the Holder’s services, as well as the necessary legal instruments.
  • Contact the Supplier for advice on their services and/or products.
  • Request support and assistance.
  • Verify identity, background and compliance with legal requirements.
  • Enable communication between Suppliers, Contractors and Responsible Party.
  • Generate and update file of Suppliers and Contractors.
  • Process or facilitate payments for your services.
  • Generate account statements and balances and issue Payment Codes, Bills of Lading, Invoices, bank reference for deposit and Digital Tax Receipt for services rendered.
  • Address issues related to legal procedures.
  • Perform internal operations necessary for the provision of services or products.
  • Send non-commercial communications to inform you about changes to our terms and conditions, services or policies or to send other communications from the Controller.
  • Comply with the internal policies of the Responsible Party.
  • Registration in the records of the Responsible Party.
  • Conduct the activities that are necessary for the provision of services under the contract and to comply with the contract entered into between the Holder and the Controller.
  • Use in any type of act or judicial and/or extrajudicial collection proceedings.
  • Prepare reports of the services provided by the Responsible Party with the purpose of internal control of such services, as well as to follow-up.

In addition, we will use your personal information for the following purposes that are not necessary for the contract entered into, but that facilitate better communication and relationship:

  1. Invitations to events related to the activities of the Responsible Party.
  2. Commercial prospecting activities.

As a Data Subject, you have a period of five (5) business days to, if applicable, express your refusal to the processing of your personal data with respect to the secondary purposes mentioned above, under the terms and conditions set forth in paragraphs 6, 7 and 8 below. As Data Subject you have rights of revocation of consent or opposition. In case you do not express your refusal to the processing of your personal data prior to delivery or use, such use remains unaffected.

  1. Personal information we collect.

We may collect your personal data for the aforementioned purposes in several ways: when you provide it to us directly, or by obtaining it indirectly, through other sources that are permitted by the Law and the Regulations.

We collect your personal data directly when you provide it to us in person, by filling out a paper or digital form, by email, by filling out an online form, apps, websites (via the internet), or by telephone.

The data that we obtain by these means is personal identification and contact data, below is a list of Personal data that can be collected:

  • Full name.
  • E-mail.
  • Full address.
  • Date of birth.
  • Place of birth.
  • Information contained in the official and valid identification.
  • Registration before SHCP.
  • Proof of Fiscal Situation.
  • Report of compliance with tax obligations issued by the SAT.
  • Report of compliance with obligations issued by the IMSS.
  • Report of compliance with obligations issued by INFONAVIT.
  • Driver’s license data only in the case of carriers.
  • Professional license, if necessary.
  • Location by coordinates only in the case of carriers.
  1. Sensitive personal, financial and property data we collect.

Sensitive personal, financial and patrimonial data are also collected for some specific processes. Personal data of this nature that may be collected are the following:

  • Associated bank.
  • CLABE code.
  • Account holder.
  • Account number.
  • If applicable, photograph of the license plates of the vehicle and trailers providing transportation services.
  • Invoices and Vehicle Registration Certificates of the vehicles with which they provide transport services.
  • Details of insurance policy/s) and bonds.
  • In some cases psychometric and toxicological test results.

Such data may be collected from the Holder through any of the aforementioned means.

In accordance with the provisions of Articles 9 and 16 of the Federal Law on Protection of Personal Data Held by Private Parties, when the Responsible Party collects such data from you, you will be asked for your express consent for the processing of this data, so we will ask you, at the time, to state whether or not you accept the processing. If you accept the processing, you will provide to us in writing your signature, electronic signature, or any authentication mechanism that is established for that purpose.

  1. Transfers/referrals of personal data within Mexico and abroad.

Your personal data may be transferred/transmitted and processed inside and outside the country, to authorities and companies of the Group, subsidiaries and/or affiliates of the Responsible Party. We undertake not to transfer your personal information to third parties without your consent, with the exceptions included in article 37 of the Federal Law for the Protection of Personal Data Held by Individuals, as well as to conduct this transfer in the terms established by said Law. It should be noted that for the fulfillment of the maintenance or compliance of a legal relationship between the Responsible Party and the Holder in some cases it is necessary to transfer your personal data for the purposes mentioned below.

The aforementioned transfers/referrals will be conducted in the following manner:

Transfer/Referral Receiver Country Purpose
Referral Law Firms. Mexico Delinquent collection.
Referral Notary Public. Mexico Notarization of facts.
Referral Third party carriers. Mexico

·   Conduct coordinated logistics to ensure that the packages reach their destination.

·   Address issues related to legal procedures.

Transfers Insurance and Bonding Companies. Mexico Take out and pay for insurance to cover loss or damage to cargo.
Transfer Controlling companies, subsidiaries or affiliates under the common control of the Responsible Party, a parent company or any company Group. Mexico Send marketing communications of services or products by the Responsible Party.

 

For further information regarding the recipients and purposes of the aforementioned transfers/referrals, please contact the Responsible Party at the telephone numbers and e-mail addresses stated above.

  1. Means to exercise the rights of Access, Rectification, Cancellation or Opposition (ARCO).

You have the right to know and access your personal data that we have and the details of the processing (Access); as well as to rectify them if they are inaccurate or outdated and/or incomplete (Rectification); to request that they be removed from our records or databases when you consider that they are not being used in accordance with the principles, duties and obligations under the regulations (Cancellation); or oppose the processing for specific purposes (Opposition). These rights are known as ARCO rights.

They have been implemented as a mechanism for the exercise of such rights through the submission of a request to the Responsible Party, either personally or by sending an email to the previously stated address. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) A simple copy of official identification (voter’s card, license or valid passport) or document proving the legal representation of the Data Subject; iii) Express indication of the ARCO right to be exercised; iv) Clear and precise description of Personal data with respect to which the exercise of any of the aforementioned rights is intended; v) Any other element that facilitates the location of Personal data. In case of exercising the right of rectification, the Data Subject must additionally include: the modifications to be made and the documentation supporting such request.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure for exercising rights, such as deadlines or when to proceed, please contact us via email or telephone.

  1. Mechanisms and procedures for the holder, where appropriate, to revoke their consent at any time.

As a Data Subject, you may revoke the consent that, if applicable, you have given us for the processing of your personal data. However, it is important that you consider that we cannot meet your request in all cases or terminate the use immediately, since it is possible that by law we require to continue processing your personal data. Also, you should consider that, for certain purposes, the revocation of your consent will mean that we can no longer maintain a contractual relationship and therefore your relationship with us will end.

To revoke your consent, you must submit your request to the Responsible Party to the address set forth in paragraph 1 of this Privacy Notice or send it via email. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) Simple copy of official identification (voter’s card, license or valid passport) or document by which the legal representation of the Data Subject is accredited; iii) Express indication that you revoke your consent for the processing of your data.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure and requirements for the revocation of consent, you may contact the Responsible Party at the telephone numbers and e-mails mentioned above.

  1. Choices and means to limit the use or disclosure of personal information.

You may limit the use and disclosure of your personal information by contacting the Responsible Party, in the telephone numbers and emails stated above, to determine whether we can agree to your request in terms of the LFPDPPP and its Regulations, under the contractual relationship you have with the Responsible Party.

  1. Security measures implemented.

 

We have implemented administrative, physical and technical security measures for the protection of your personal data to prevent loss, misuse or alteration of your information.

In the event that for any reason a security breach occurs with respect to Personal data we process, and that such breach significantly affects your economic or moral rights, we will contact you by email or telephone to inform you: i) the nature of the incident; ii) Personal data compromised; iii) the recommendations about the measures you can take to protect your interests; iv) the corrective actions taken immediately. You may also contact the Controller at any time to obtain further information in this regard.

  1. Modifications to the privacy notice.

This Privacy Notice may be modified or updated as deemed appropriate, from time to time. You may find its updated version on the Website, or you may request it at any time by sending an e-mail to the e-mail address stated in the previous section. The date displayed at the end of this document will indicate when the last update was made, as a result of changes to provisions, or jurisprudence, internal policies, new requirements for the provision or offering of our services or products and / or market practices.

  1. Use of Cookies and Web Beacons.

Cookies are text files that are automatically downloaded and stored on the hard drive of the user’s computer when browsing a specific Website, which allow the Internet server to remember some data about the user, including preferences for viewing websites on that server, name and password. Web beacons are images embedded in a Website  or email, which can be used to monitor the behavior of a visitor, such as storing information about the user’s IP address, duration of interaction time on the site and the type of browser used, among others. We use cookies and web beacons to obtain personal information from you, so on our website we collect personal data through the use of cookies to obtain personal information from you, such as the following:

  • Your browser type and operating system.
  • The Websites you visit.
  • Links you click on.
  • The IP address.
  • The site you visited before entering our site.
  1. promote rights protection and verification procedures by the Institute.

If you consider that your rights have been harmed by any conduct of our employees or our actions or responses, or that in the processing of your personal data there is any violation of the provisions of the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations and other applicable laws, you may file a complaint with the National Institute for Transparency, Access to Information and Protection of Personal Data (INAI) For more information visit: https://home.inai.org.mx/

The Data Subject agrees to this Privacy Notice and consents to the processing of his/her personal data.

 

 

 

Privacy Notice

-Employees/interns-

  1. Identity and address of the Responsible Party for the processing of your personal data.

REDPACK, S.A. de C.V. (hereinafter referred to as the “Responsible Party”), is responsible for the collection, processing and protection of your personal data.

Contact details of the Responsible Party:

  • Address: Avenida Del Ferrocarril, 25-1, Colonia Industrial Alce Blanco, Naucalpan de Juárez, Estado de México C.P. 53370.
  • Email datospersonales@redpack.com.mx.
  • Telephone: (55) 55 3682 4040.
  1. Purposes of the processing of personal data.

Personal data that we collect from you will be used for the following purposes that are necessary for the existing contractual relationship:

  • Identify and conduct the assessment of the job skills of the Holder to work and fill job vacancies for the Responsible Party.
  • Integrate the personal file of each Data Subject in the physical and electronic controls of the Controller.
  • Keep the employee’s personal information available in case of emergency.
  • Provide proper working conditions for the employee.
  • Conduct controls for the adequate professional development of the employee.
  • Perform administrative activities and management of the job and other job benefits.
  • Provide references of the Holder with his/her approval.
  • Enter into contracts for the formalization of the employment relationship between the Data Controller and the Responsible Party, as well as the necessary legal instruments.
  • Comply with the internal policies of the Responsible Party.
  • Registration in the records of the Responsible Party and Authorities such as the IMSS.
  • Conduct the activities that are necessary for the fulfillment of the obligations of the employment relationship and to comply with the employment contract between the Data Controller and the Responsible Party.
  • Prepare statistics and reports of the services provided by the Responsible Party to keep an internal control.
  • Manage participation in social responsibility campaigns.

In addition, we will use your personal information for the following purposes that are not necessary for the contract entered into, but that facilitate a better communication and relationship:

  1. Send you news about the Responsible Party or companies that are part of the Group to which the Responsible Party belongs.
  2. Invitations to events related to the activities of the Responsible Party.
  3. Offer employment opportunities.

As a Data Subject, you have a period of five (5) business days to, if applicable, express your refusal to the processing of your personal data with respect to the secondary purposes mentioned above, under the terms and conditions set forth in paragraphs 6, 7 and 8 below.

  1. Personal information we collect.

 

We may collect your personal data for the aforementioned purposes in several ways: when you provide it to us directly, or by obtaining it indirectly, through other sources that are permitted by the Law and the Regulations.

We collect your personal data directly when you provide it to us in person, by filling out a paper or digital form, by email, by filling out an online form, apps, websites (via the internet), or by telephone.

The data that we obtain by these means is personal identification and contact data, below is a list of Personal data that can be collected:

  • Full name.
  • E-mail.
  • Full address.
  • Country of residence.
  • Date of birth.
  • Place of birth.
  • Country of birth.
  • Activity, occupation or profession.
  • Name of the companies in which you worked.
  • Marital status.
  • Social Security Number.
  • Professional license number.
  • Driver’s license number.
  • Identification data of psychophysical aptitude or skill tests if necessary.
  • Level of studies, as well as proof of school performance if necessary.
  1. Sensitive personal, financial and property data that we collect.

Likewise, the Responsible Party also collects, from certain persons and for some specific processes, sensitive personal, financial and patrimonial data. Personal data of this nature that may be collected are the following:

  • Psychometric, toxicological and/or socioeconomic test results, if applicable.
  • Blood type.
  • Associated bank.
  • CLABE code.
  • Account number.
  • Gross monthly income.
  • Monthly expenses.
  • Contracted debts, amount and granting company or institution, if applicable.
  • Health status if required.
  • Spousal regime.
  • Economic dependents, as well as their identity and location.
  • Emergency contact information for family members.
  • Personal and professional references.

 

Such data may be collected from the Holder through any of the aforementioned means. It should be noted that, by providing Personal data of family members, you acknowledge having the consent for the Responsible Party to treat them according to the purposes stated above.

In accordance with the provisions of Articles 9 and 16 of the Federal Law on Protection of Personal Data Held by Private Parties, when the Responsible Party collects such data from you, you will be asked for your express consent for the processing of this data, so we will ask you, at the time, to state whether or not you accept the processing. If you accept the processing, you will provide to us in writing your signature, electronic signature, or any authentication mechanism that is established for that purpose.

  1. Transfers/transmission of personal data within Mexico and abroad.

Your personal data may be transferred/transmitted and processed inside and outside the country, to authorities and companies of the Group, subsidiaries and/or affiliates of the Responsible Party. We undertake not to transfer your personal information to third parties without your consent, with the exceptions included in article 37 of the Federal Law for the Protection of Personal Data Held by Individuals, as well as to conduct this transfer in the terms established by said Law. It should be noted that for the fulfillment of the maintenance or compliance of a legal relationship between the Responsible Party and the Holder in some cases it is necessary to transfer your personal data for the purposes mentioned below.

The aforementioned transfers/referrals will be conducted in the following manner:

Transfer/Referral Receiver Country Purpose
Referral Law Firms. Mexico Address legal issues.
Referral Companies that provide payroll and CFDI services. Mexico Generation of payroll receipts.
Referral Companies that provide psychometric, toxicological, trust control or socioeconomic testing services. Mexico Psychometric, toxicological, socioeconomic and trust control tests.
Transfer Subsidiaries or affiliated companies of the TRAXION Group. Mexico Job offers.
Transfer Controlling companies, subsidiaries or affiliates under the common control of the Responsible Party, a parent company or any company Group. Mexico Send marketing communications of services or products by the Responsible Party.

 

For more information regarding the recipients and purposes of the aforementioned transfers/referrals, please contact the Responsible Party at the aforementioned telephone numbers and e-mail addresses.

 

  1. Means to exercise the rights of Access, Rectification, Cancellation or Opposition (ARCO).

You have the right to know and access your personal data that we have and the details of the processing (Access); as well as to rectify them if they are inaccurate or outdated and/or incomplete (Rectification); to request that they be removed from our records or databases when you consider that they are not being used in accordance with the principles, duties and obligations under the regulations (Cancellation); or oppose the processing for specific purposes (Opposition). These rights are known as ARCO rights.

They have been implemented as a mechanism for the exercise of such rights through the submission of a request to the Responsible Party, either personally or by sending an email to the previously stated address. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) A simple copy of official identification (voter’s card, license or valid passport) or document proving the legal representation of the Data Subject; iii) Express indication of the ARCO right to be exercised; iv) Clear and precise description of Personal data with respect to which the exercise of any of the aforementioned rights is intended; v) Any other element that facilitates the location of Personal data. In case of exercising the right of rectification, the Data Subject must additionally include: the modifications to be made and the documentation supporting such request.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure for exercising rights, such as deadlines or when to proceed, please contact us via email or telephone.

  1. Mechanisms and procedures for the holder, where appropriate, to revoke their consent at any time.

As a Data Subject, you may revoke the consent that, if applicable, you have given us for the processing of your personal data. However, it is important that you consider that we cannot meet your request in all cases or terminate the use immediately, since it is possible that by law we require to continue processing your personal data. Also, you should consider that, for certain purposes, the revocation of your consent will mean that we can no longer maintain a working relationship with you and consequently the conclusion of your relationship with us.

To revoke your consent, you must submit your request to the Responsible Party to the address set forth in paragraph 1 of this Privacy Notice or send it via email. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) Simple copy of official identification (voter’s card, license or valid passport) or document by which the legal representation of the Data Subject is accredited; iii) Express indication that you revoke your consent for the processing of your data.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure and requirements for the revocation of consent, you may contact the Responsible Party at the telephone numbers and e-mails mentioned above.

  1. Choices and means to limit the use or disclosure of personal data.

You may limit the use and disclosure of your personal information by contacting the Responsible Party, at the telephone numbers and emails stated above, to determine whether we can agree to your request in terms of the LFPDPPP and its Regulations, by virtue of the employment relationship you have with the Responsible Party.

  1. Security measures implemented.

We have implemented administrative, physical and technical security measures for the protection of your personal data to prevent loss, misuse or alteration of your information.

In the event of sending or sharing your information with third parties that provide us with any service, we require and verify that they have the necessary security measures to protect your personal data, prohibiting the use of your personal information for purposes other than those authorized.

In the event that for any reason a security breach occurs with respect to Personal data we process, and that such breach significantly affects your economic or moral rights, we will contact you by email or telephone to inform you: i) the nature of the incident; ii) Personal data compromised; iii) the recommendations about the measures you can take to protect your interests; iv) the corrective actions taken immediately. You may also contact the Controller at any time to obtain further information in this regard.

  1. Modifications to the Privacy Notice.

This Privacy Notice may be modified or updated as deemed appropriate, from time to time. You may find its updated version on the Website, or you may request it at any time by sending an e-mail to the e-mail address stated in the previous section. The date displayed at the end of this document will indicate when the last update was made, as a result of changes to provisions, or jurisprudence, internal policies, new requirements for the provision or offering of our services or products and / or market practices.

  1. Use of Cookies and Web Beacons.

Cookies are text files that are automatically downloaded and stored on the hard drive of the user’s computer when browsing a specific Website, which allow the Internet server to remember some data about the user, including preferences for viewing websites on that server, name and password. Web beacons are images embedded in a Website  or email, which can be used to monitor the behavior of a visitor, such as storing information about the user’s IP address, duration of interaction time on the site and the type of browser used, among others. We use cookies and web beacons to obtain personal information from you, so on our website we collect personal data through the use of cookies to obtain personal information from you, such as the following:

  • Your browser type and operating system.
  • The Websites you visit.
  • Links you click on.
  • The IP address.
  • The site you visited before entering our site.

 

 

  1. The right to promote rights protection and verification procedures by the Institute.

If you consider that your rights have been harmed by any conduct of our employees or our actions or responses, or that in the processing of your personal data there is any violation of the provisions of the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations and other applicable laws, you may file a complaint with the National Institute for Transparency, Access to Information and Protection of Personal Data (INAI) For more information visit: https://home.inai.org.mx/

The Data Subject agrees to this Privacy Notice and consents to the processing of his/her personal data.

 

 

 

Privacy Notice

-candidates-

  1. Identity and address of the Responsible Party for the processing of your personal data.

REDPACK, S.A. de C.V. (hereinafter referred to as the “Responsible Party”), is responsible for the collection, processing and protection of your personal data.

Contact details of the Responsible Party:

  • Address: Avenida Del Ferrocarril, 25-1, Colonia Industrial Alce Blanco, Naucalpan de Juárez, Estado de México C.P. 53370.
  • Email datospersonales@redpack.com.mx.
  • Telephone: (55) 55 3682 4040.
  1. Purposes of the processing of personal data.

Personal data that we collect from you will be used for the following purposes which are necessary for us to enter into a contractual working relationship:

  • Identify and conduct the assessment of the job skills of the Holder to work and fill job vacancies with the Responsible Party.
  • Integrate the personal file of each Data Subject in the physical and electronic controls of the Controller.
  • Conduct administrative activities of the Responsible Party.
  • Request references from the Holder.
  • Conduct interviews, exams and the personnel selection process implemented by the Responsible Party.
  • Comply with the internal policies of the Responsible Party.
  • Prepare statistics and reports of the services provided by the Responsible Party to keep internal control.

It is important to note that your information will only be kept for a maximum period of 1 year; after this period, it will be cancelled and will not be processed by the Controller again.

In addition, we will use your personal information for the following purposes that are not necessary for the recruitment and selection process, but allow us to facilitate better communication and relationship:

  1. Inform you about news related to the Responsible Party or companies that are part of the group to which the Responsible Party belongs.
  2. Invitations to events related to the activities of the Responsible Party.

As a Data Subject, you have a period of five (5) business days to, if applicable, express your refusal to the processing of your personal data with respect to the secondary purposes mentioned above, under the terms and conditions set forth in paragraphs 6, 7 and 8 below. Your rights as Data Subject, to exercise your rights of revocation of consent or opposition, in case you do not express your refusal to the processing of your personal data prior to the delivery or its use or utilization, remain unaffected.

  1. Personal information we collect.

We may collect your personal data for the aforementioned purposes in several ways: when you provide it to us directly, or by obtaining it indirectly, through other sources that are permitted by the Law and the Regulations.

We collect your personal data directly when you provide it to us in person, by filling out a paper or digital form, by email, by filling out an online form, apps, websites (via the internet), or by telephone.

The data that we obtain by these means is personal identification and contact data, below is a list of Personal data that can be collected:

  • Full name.
  • E-mail.
  • Full address.
  • Country of residence.
  • Date of birth.
  • Place of birth.
  • Country of birth.
  • Activity, occupation or profession.
  • Name of the companies in which you worked or work.
  • Work seniority.
  • Position where you work.
  • Marital status.
  • Social Security Number.
  • Professional license number, if applicable.
  • Driver’s license number, if applicable.
  • Identification data of psychophysical or skill tests if necessary.
  • Level of studies, as well as certificates.
  • Academic background, work history, skills and information contained in CV or job application form.
  1. Sensitive personal, financial and property data that we collect.

Likewise, sensitive personal, financial and patrimonial data are collected from certain persons and for some specific processes. Personal data of this nature that may be collected are the following:

  • Psychometric, toxicological, socioeconomic and medical test results, if applicable.
  • Blood type.
  • Desired gross monthly income.
  • Monthly expenses.
  • Health status if required.
  • Spousal regime.
  • Economic dependents, as well as their identity and location.
  • Contracted debts, amount and granting company or institution, if applicable.
  • Personal and professional references.

Such data may be collected from the Holder through any of the aforementioned means. It should be noted that, by providing Personal data of family members, you acknowledge having the consent for the Responsible Party to treat them according to the purposes stated above.

In accordance with the provisions of Articles 9 and 16 of the Federal Law on Protection of Personal Data Held by Private Parties, when the Responsible Party collects such data from you, you will be asked for your express consent for the processing of this data, so we will ask you, at the time, to state whether or not you accept the processing. If you accept the processing, you will provide to us in writing your signature, electronic signature, or any authentication mechanism that is established for that purpose.

  1. Transfers/transmission of personal data within Mexico and abroad.

Your personal data may be transferred/transmitted and processed inside and outside the country, to authorities and companies of the Group, subsidiaries and/or affiliates of the Responsible Party. We undertake not to transfer your personal information to third parties without your consent, with the exceptions included in article 37 of the Federal Law for the Protection of Personal Data Held by Individuals, as well as to conduct this transfer in the terms established by said Law.

The aforementioned transfers/referrals will be conducted in the following manner:

Transfer/Referral Receiver Country Purpose
Referral Companies that provide psychometric, toxicological, socioeconomic and medical test services. Mexico Psychometric, toxicological, socioeconomic and medical tests.
Transfer Subsidiaries or affiliated companies of the TRAXION Group. Mexico Job offers.
Transfer Controlling companies, subsidiaries or affiliates under the common control of the Responsible Party, a parent company or any company Group. Mexico Send marketing communications of services or products by the Responsible Party.

 

For more information regarding the recipients and purposes of the aforementioned transfers/referrals, please contact the Responsible Party at the aforementioned telephone numbers and e-mail addresses.

  1. Means to exercise the rights of Access, Rectification, Cancellation or Opposition (ARCO).

You have the right to know and access your personal data that we have and the details of the processing (Access); as well as to rectify them if they are inaccurate or outdated and/or incomplete (Rectification); to request that they be removed from our records or databases when you consider that they are not being used in accordance with the principles, duties and obligations under the regulations (Cancellation); or oppose the processing for specific purposes (Opposition). These rights are known as ARCO rights.

They have been implemented as a mechanism for the exercise of such rights through the submission of a request to the Responsible Party, either personally or by sending an email to the previously stated address. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) Simple copy of official identification (voter’s card, license or valid passport) or document by which the legal representation of the Data Subject is evidenced; iii) Express indication of the ARCO right to be exercised; iv) Clear and precise description of Personal data with respect to which the exercise of any of the aforementioned rights is intended; v) Any other element that facilitates the location of Personal data. In case of exercising the right of rectification, the Data Subject must additionally include: the modifications to be made and the documentation supporting such request.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure for exercising rights, such as deadlines or when to proceed, please contact us via email or telephone..

  1. Mechanisms and procedures for the holder, where appropriate, to revoke their consent at any time.

As a Data Subject, you may revoke the consent that, if applicable, you have given us for the processing of your personal data. However, it is important that you consider that we cannot meet your request in all cases or terminate the use immediately, since it is possible that by law we require to continue processing your personal data. Also, you should consider that, for certain purposes, the revocation of your consent will mean that we cannot continue the process of recruitment or selection of personnel and therefore not be able to start an employment relationship with us.

To revoke your consent, you must submit your request to the Responsible Party to the address set forth in paragraph 1 of this Privacy Notice or send it via email. Such request must contain at least: i) Full name of the Data Subject, address or any other means to contact him/her; ii) Simple copy of official identification (voter’s card, license or valid passport) or document by which the legal representation of the Data Subject is accredited; iii) Express indication that you revoke your consent for the processing of your data.

By Law, the Controller has a term of twenty (20) days from the date of receipt of the request, to communicate to the Data Subject the determination adopted so that, if appropriate, it becomes effective within fifteen (15) days from the date on which the response is communicated.

The Controller may contact the Data Subject in person or in writing at his/her address or by the means stated by the Data Subject in his/her request.

For more information regarding the procedure and requirements for the revocation of consent, you may contact the Responsible Party at the telephone numbers and e-mails mentioned above.

  1. Choices and means to limit the use or disclosure of personal data.

You may limit the use and disclosure of your personal information by contacting the Responsible Party, at the telephone numbers and emails stated above, to determine whether we can agree to your request in terms of the LFPDPPP and its Regulations, under the contractual relationship you have with the Responsible Party.

We have implemented administrative, physical and technical security measures for the protection of your personal data to prevent loss, misuse or alteration of your information.

In the event that for any reason a security breach occurs with respect to Personal data we process, and that such breach significantly affects your economic or moral rights, we will contact you by email or telephone to inform you: i) the nature of the incident; ii) Personal data compromised; iii) the recommendations about the measures you can take to protect your interests; iv) the corrective actions taken immediately. You may also contact the Controller at any time to obtain further information in this regard.

  1. Security measures implemented.

We have implemented administrative, physical and technical security measures for the protection of your personal data to prevent loss, misuse or alteration of your information.

In the event that for any reason a security breach occurs with respect to Personal data we process, and that such breach significantly affects your economic or moral rights, we will contact you by email or telephone to inform you: i) the nature of the incident; ii) Personal data compromised; iii) the recommendations about the measures you can take to protect your interests; iv) the corrective actions taken immediately. You may also contact the Controller at any time to obtain further information in this regard.

  1. Modifications to the privacy notice.

This Privacy Notice may be modified or updated as deemed appropriate, from time to time. You may find its updated version on the Website, or you may request it at any time by sending an e-mail to the e-mail address stated in the previous section. The date displayed at the end of this document will indicate when the last update was made, as a result of changes to provisions, or jurisprudence, internal policies, new requirements for the provision or offering of our services or products and / or market practices.

  1. Use of Cookies and Web Beacons.

Cookies are text files that are automatically downloaded and stored on the hard drive of the user’s computer when browsing a specific Website , which allow the Internet server to remember some data about the user, including preferences for viewing websites on that server, name and password. Web beacons are images embedded in a Website  or email, which can be used to monitor the behavior of a visitor, such as storing information about the user’s IP address, duration of interaction time on the site and the type of browser used, among others. We use cookies and web beacons to obtain personal information from you, so on our website we collect personal data through the use of cookies to obtain personal information from you, such as the following:

  • Your browser type and operating system.
  • The Websites you visit.
  • Links you click on.
  • The IP address.
  • The site you visited before entering our site.
  1. The right to promote rights protection and verification procedures by the Institute.

If you consider that your rights have been harmed by any conduct of our employees or our actions or responses, or that in the processing of your personal data there is any violation of the provisions of the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations and other applicable laws, you may file a complaint with the National Institute for Transparency, Access to Information and Protection of Personal Data (INAI) For more information visit: https://home.inai.org.mx/

The Data Subject agrees to this Privacy Notice and consents to the processing of his/her personal data.