Privacy Notice

Of the Portal and Platform of Fluxo Technologies SAPI de CV ("Fireflux").

This Privacy Notice is effective as of Jun 19, 2024

Comprehensive Privacy Notice

To comply with the Federal Law on Protection of Personal Data Held by Private Parties (hereinafter the "Law"), its Regulations, and other applicable legal provisions, we present this Privacy Notice to inform you about the information we will collect from you, the purposes of it, and other obligations contemplated in the Law, its Regulations, and other applicable legal provisions.

You are hereby informed that you have the right to self-determine the legal treatment and control of the information you provide us, so that the data is used for the intended purpose, preserving its confidentiality and privacy.

Responsible for the Processing of Your Personal Data

Fluxo Technologies SAPI de CV, commercially known as "Fireflux" (hereinafter "Fireflux"), with an address in Mexico City, is responsible for the processing of your personal data collected by Fireflux, whether through any electronic means, paper format, electronic format of the application or Fireflux website, telephone, or other means intended to obtain personal data, as well as safeguarding the privacy of the data you provide us as a client or potential client, informing you that your information will be treated exclusively for the purposes stated in this Privacy Notice, in accordance with the provisions of the Law.

Personal Data Protection Department

Address: Calz. Gral. Mariano Escobedo 568, Anzures, Miguel Hidalgo, 11590 Ciudad de México, CDMX.
Email: support@fireflux.dev

Non-Sensitive Personal Data Collected

The personal data that Fireflux will request or may request are:

Contact details: full name, phone number (home or mobile), email, address.
Client Identification Data: First and last names, date of birth, gender.
Financial Information: payment-related data, such as bank accounts and debit or credit card information when making payment for services and products offered.

In terms of Article 8 of the Law, for the purposes of the aforementioned personal data, it will be understood that you tacitly consent to the processing of your personal data, when having made this privacy notice available to you, you do not express your opposition.

Sensitive Personal Data

We inform you that Fireflux will not collect any sensitive data from you.

Purposes for Which Your Personal Data Is Collected and Used

In terms of the applicable legal provisions, the processing of the personal data collected will be used for the hiring of services consisting of the development of technology or various accessories of any nature with the aim of developing operational applications and helping companies improve their processes without the need to use traditional programming code, as well as carrying out all kinds of legal acts in terms of our corporate purpose.

Transfer of Personal Data within Fireflux

Fireflux may share the personal data provided by you with the different departments of the corporate entity, as well as the different subsidiary, affiliated, and controlling companies of Fireflux, whether located within the Mexican Republic or abroad, for the purpose of fulfilling the purposes set forth in this Privacy Notice and to comply with contractual obligations that may arise with you as the holder of the corresponding personal data. Similarly, Fireflux may share the information provided by you with any data controller that may be designated, in accordance with Article 49 of the Law's Regulations.

Transfer of Personal Data to Third Parties

Fireflux may share some of your personal data with other companies, insurance brokers, insurers, cloud service providers, database companies, AI tool providers, data analytics companies, or third-party providers (the "Third Party Recipients") provided it aligns with the contracted product and/or service, for which we require your express and written consent, through your autograph signature, electronic signature, or any authentication mechanism established for this purpose.

Obtaining Personal Data and Their Source

To collect personal data, Fireflux adheres to the principles of legality, quality, consent, information, purpose, loyalty, proportionality, and responsibility established in the Law. We collect the data from the holder personally or through electronic, sound, and/or visual means, such as email, parcel service, phone, among others, to ensure their reliability. Additionally, Fireflux may obtain information through lawful means as established by the Law, such as telephone directories, public databases like the Public Property and Commerce Registry, or any other public information source. Additionally, for the purposes stated in this Privacy Notice, personal data may be collected in various ways: when you provide it directly; when you visit our application or website or use our online services, and when we obtain information through other sources permitted by the Law.

Information concerning an identified or identifiable individual provided on our website may also be collected.

Limitation on the Use or Disclosure of Your Personal Data

To limit the use and disclosure of the data collected by Fireflux, we offer the following means: (i) registering the data in the Public Registry, managed by the Federal Consumer Protection Agency (PROFECO), to prevent your personal data from being used to receive advertising or promotions from goods and services companies. For more information on this registry, you can consult the PROFECO website or contact them; (ii) Your registration in an exclusion list to prevent your personal data from being used for marketing, advertising, or commercial prospecting purposes by Fireflux.

How to Access or Rectify Your Personal Data or Cancel or Oppose Their Use (ARCO Rights)

You have the right to access your personal data that we hold and the details of their processing, as well as to rectify them if they are inaccurate or incomplete; cancel them when you consider they are not required for any of the purposes stated in this Privacy Notice, are being used for unauthorized purposes, or when the contractual or service relationship has ended, or to oppose their processing for specific purposes.

The mechanisms implemented for exercising these ARCO rights are through the submission of a written request via email addressed to the Personal Data Protection Department with the following information:

Full name of the holder.
Address of the holder of the personal data or email through which the response to the request can be sent.
Official documents proving identity.
For legal entities, documents proving the legal existence of the company, as well as documents containing the powers and faculties of the legal representative, and the official identification of the legal representative.
Clear and precise description of the personal data for which any of the rights are sought to be exercised.
Any other element or document that facilitates the location of the personal data, as well as any other document required by the legislation in force at the time of submitting the request.

The request will be resolved within 20 (twenty) business days from the date of receipt of the request. However, Fireflux will always have the right to extend the term indicated above on one occasion for an equal period, provided it is justified and the circumstances of the case warrant it.

Exercise of the rights of access, rectification, cancellation, or opposition may be denied in the following cases:

When the applicant is not the holder or the legal representative of the legal entity and/or does not prove the legal existence of the represented entity or their powers and faculties are insufficient to exercise the rights in question.
When the personal data of the applicant is not found in Fireflux's databases.
When the rights of a third party are injured.
When there is a legal impediment or resolution from a judicial or administrative authority.
When the rectification, cancellation, or opposition has been previously carried out so that the request lacks substance.

Additionally, Fireflux will not be obligated to cancel your personal data when it is in any of the following cases:

Refers to the parts of a private, social, or administrative contract and is necessary for its development and fulfillment.
Must be treated by legal provision.
Obstructs judicial or administrative actions related to fiscal obligations, investigation, and prosecution of crimes, or the imposition of administrative sanctions.
Necessary to protect the legally protected interests of the holder.
Necessary to perform an action based on the public interest.
Necessary to comply with a legally acquired obligation by the holder, and
Subject to treatment for prevention or medical diagnosis or the management of health services, provided that such treatment is carried out by a health professional subject to a duty of confidentiality.

At any time, you may revoke the consent you have given us for the processing of your personal data, so that we stop using it. To do this, you must submit a request to the Personal Data Protection Department containing the following information:

Full name of the holder.
Address of the holder of the personal data or email through which the response to the request can be sent.
For individuals, official documents proving identity.
For legal entities, documents proving the legal existence of the company, as well as documents containing the powers and faculties of the legal representative, and the official identification of the legal representative.
Explicitly state the request to revoke the consent for the processing of personal data, explaining the reasons for doing so.

Your request will be attended to within a maximum period of 20 (twenty) business days, and we will inform you of the resolution through the means indicated in your request. It should be noted that, despite your request, Fireflux will retain the right to process certain information as permitted or required by Law.

Blocking and Deletion of Personal Data

You are informed that once the purpose(s) of the processing have been fulfilled and when there is no legal, administrative, or regulatory provision establishing otherwise, the data will be canceled after being blocked for subsequent deletion.

Security and Storage

Fireflux commits to implementing technological and administrative security measures to protect your personal data from unauthorized processing. The information provided will be safeguarded in databases with the highest security technology and encryption to prevent information leaks.

Modifications to the Privacy Notice

Fireflux reserves the right to make modifications or updates to this Privacy Notice at any time to address legislative changes, internal policies, or new requirements for providing or offering our services or products. It will be understood that you accept the modifications made to the Privacy Notice when you continue using the Services provided by Fireflux, including those provided through its applications or websites.

Use of Cookies and Web Beacons on the Website

Cookies are text files that are automatically downloaded and stored on the user's computer hard drive when browsing a specific Internet page, allowing the Internet server to remember some data about this user, including preferences for viewing pages on that server, name, and password. Web beacons are images inserted into an Internet page or email that can be used to monitor the behavior of a visitor, such as storing information about the user's IP address, duration of interaction on that page, and the type of browser used, among others. We inform you that cookies and web beacons may be used on our Website to obtain personal information from you. In this sense, these cookies and other technologies can be disabled.

Legal Provisions

This Privacy Notice complies with all current provisions established in the Law, its Regulations, and other applicable legal provisions.