INTEGRAL PRIVACY NOTICE IDENTITY AND ADDRESS OF THE CONTROLLER
Pursuant to the provisions of the Federal Law on Protection of Personal Data Held by Individuals (the Law) PIZZAS Y PASTAS BASILICO, SA DE CV, at the following addresses:
· Basilico – Hidalgo Avenue Extension #5280 L. 28 Fracc. Lomas del Chairel CP 89360 Tampico, Tamaulipas.
Brusketa – Av. Hidalgo esq. Orange Blossom 4000 Col. Las Flores Tampico, Tamaulipas.
· Gate 27 – Hidalgo Avenue Extension #5280 L. 27 Fracc. Lomas del Chairel CP 89360 Tampico, Tamaulipas.
· Basilico Altama – Mexican Army 706 Local 3013 Altama City Center CP 89130, Tampico, Tamaulipas.
· Plaza City Center – Ave. Paseo Usumacinta esq. Blvd. Adolfo Ruiz Cortines Local 9-12 Col. Atasta de Serra Centro, CP 86035 Villahermosa, Tabasco
· Ankor Square – Ave. Prol. 27 de Febrero 3303, Col. Tabasco 2000, Villahermosa, Tabasco, Mexico
As RESPONSIBLE for the processing of your personal data, you are informed of the following information.
PURPOSES OF DATA PROCESSING
The collection of your personal data by the CONTROLLER, even derived from any legal relationship for the acts that they celebrate with you as the owner thereof, will be safeguarded and processed for various purposes, which are established below:
· Updating of customer databases
· Payment to suppliers
· Recruitment, selection and hiring of personnel
· Comply with legal and fiscal obligations related to personnel
Additionally, it is identified and distinguished that the following purposes could
be considered different from those that originated from the legal relationship with the
holder, but that we consider necessary to conclude our processes:
Evaluate the quality of the service
· Reception and monitoring of customer complaints
Evaluate the work environment
Procedures requested by the employees themselves
In accordance with Article 14 of the Regulations of the Law, the holder will have a period of 5 days so that, if applicable, he expresses his refusal to process his personal data for purposes other than those that are necessary. and give rise to the legal relationship between the person responsible and the owner. If the owner does not express his refusal to process his data in accordance with the foregoing, it will be understood that he has given his consent for the processing thereof, unless proven otherwise. Which you can do by contacting us through the following form Contact – Basilico Group
MEANS TO EXERCISE ARCO RIGHTS.
The categories of personal data of the owners that may be requested for the development of our processes and purposes established in this notice are:
Identification and contact
· Patrimonial and/or financial
of physical characteristics
IN THE CASE OF SENSITIVE, FINANCIAL OR EQUITY DATA
This type of data must be processed under the strictest security measures that guarantee its confidentiality in accordance with the provisions of this privacy notice and the law. In such cases, in accordance with the provisions of article 9 of the Law regarding sensitive personal data, the owner must express their express written consent through their handwritten signature, electronic signature, or any authentication mechanism that effect is established. In the particular case, the RESPONSIBLE has established that said consent must be expressed through the autograph signature of the owner, which must be reflected under the following legend:
"I agree that my sensitive personal data is used, this only for the purposes contained in the comprehensive privacy notice of PIZZAS Y PASTAS BASILICO, SA DE CV"
NAME AND SIGNATURE OF THE HOLDER:
In the case of financial and/or patrimonial data, as established in Article 8 of the Law, the consent must be express, for which it has been established that it will be through the autograph signature of the owner at the bottom of the following legend:
"I agree that my financial and/or patrimonial data is used, this only for the purposes contained in the comprehensive privacy notice of PIZZAS Y PASTAS BASILICO, SA DE CV"
DATA COLLECTED IN OUR RECRUITMENT AND SELECTION PROCESS
Regarding the recruitment, selection and hiring of personnel, when the job application is received and before the personal data that are considered sensitive, financial and/or patrimonial are used, the owner must respond and sign the legend that It is located on the back of the application.
If the owner does not sign, your job application cannot be processed and your data will not be received.
When a job application or a Curriculum vitae is received by email, it must be verified that it does not contain sensitive or financial/property data. In case of containing this type of information, before the personal data is used, the owner must respond and sign the
legend that will be placed on the back of the application and/or resume. If the owner does not sign, your job application cannot be processed and your data will not be received.
The legend for both cases is as follows:
"I agree that my personal data (sensitive, financial and/or patrimonial) are used, this solely for the purpose of the recruitment, selection and hiring of personnel"
In the case of contracting through a third party, the data will be collected by said third party being directly responsible for its treatment, the responsibility of "The person in charge" begins at the time of contracting.
TIME FOR WHICH PERSONAL DATA ARE RETAINED
In order to comply with the Law, once the owner delivers their personal data to the person in charge, the latter will keep them in various media for the minimum time required to complete the provision of the service, however there are personal data that are part of the information that tax authorities may require in the years following the delivery of the completed work. In these cases, the information will be duly stored and backed up in accordance with the physical and technological security measures implemented, which is included in the internal data protection procedure of the "RESPONSIBLE".
ADMINISTRATIVE, TECHNICAL AND PHYSICAL SECURITY OF DATA
The personal data in possession of the person in charge will be protected administratively, technically and physically as established in the internal data control procedure, in order to avoid loss, misuse, unauthorized access to them, as well as their publication. , modification or even destruction.
For the aforementioned treatment of personal data, all the principles set forth in article 6 of the Law will be followed, which for a better understanding we indicate below: Legality, Quality, Consent, Information, Purpose, Loyalty, Proportionality and Responsibility.
Likewise, the internal data protection procedure and the "Access control and backups" describe the security measures related to:
Security system in the access to the administrative offices
Control of restricted access to computer systems through the configuration of account profiles and password assignment
Protection of the accounts and passwords with which the various users have
information backup policies
· Destruction of both paper and electronic files of dismissed or non-contracted personnel
LIMITATION OF THE USE AND DISCLOSURE OF DATA
For the purposes of limiting the use or disclosure of your data, the "RESPONSIBLE" has established a Confidentiality Policy that is signed annually as evidence of the commitment to comply with it by each member of the staff involved in the provision of the service. and therefore in the use of your data.
The "RESPONSIBLE" has delegated the responsibility for data protection within the company to an internal manager called the Data Protection Officer, whose function will be to support and monitor the measures taken within the company so that they are carried out. , in this case it is the person who occupies the position of Comptroller, the contact with the Data Protection Officer will be through the following email: [email protected]
The personal data in possession of the "RESPONSIBLE" will be protected administratively through an internal personal data control procedure, technically through the activities that are carried out by the internal systems area and physically through security cameras and personnel access registration by fingerprint. digital, all this with the purpose of avoiding the loss, improper use, unauthorized access to them, as well as their publication, modification or even the destruction of the personal data that they collect.
The "RESPONSIBLE" may not use the personal data collected for a use other than those mentioned in this privacy notice, if for any reason this happens, before they are used, the pertinent changes must be made to the privacy notice. and will be made available again to the holder through the following address https://www.grupobasilico.com
MEANS TO EXERCISE ARCO RIGHTS
In order for the owner to be able to exercise the ARCO rights (Access, Rectification, Cancellation and Opposition) provided by the Law or, to suit their interests, revoke the consent previously granted for the use of their personal data, we have implemented a procedure that establishes certain requirements, formats and deadlines that the owner can find out by requesting this information through the following email: [email protected]
Through said email or the link "ARCO Rights” in the Privacy Notice section at the following address: https://www.grupobasilico.com The owner may request or send (respectively) the "ARCO rights request"
In order for your request for ARCO rights to be accepted for analysis by us, it must contain and be accompanied by everything indicated in article 29 of the Law:
Full name of the owner
Documents proving the personality of the holder
· Clear and precise description of the personal data with respect to which the ARCO rights are sought
· Use the application provided as indicated in the previous paragraph
In accordance with the foregoing, if the owner requests access to the personal data provided to the company, this obligation will be fulfilled by making said data available to them or, if the owner requires it, we will provide them, by the means indicated, a simple copy of the same.
If, even after knowing the owner of this Privacy Notice, he determines that the purpose of the processing of his personal data is different from that agreed with the "RESPONSIBLE", he may inform the latter, by email to [email protected] your refusal for your personal data to continue to be used.
In the same way, we inform you that your personal data can be transferred and processed inside and outside the country, by persons other than the "RESPONSIBLE", in accordance with the provisions of chapter V, articles 36 and 37 of the Law. In that sense , your information may be shared with third parties (according to the purpose) to carry out the following activities:
· To banking institutions for the payment of payroll to employees
· To third parties indicated by the owner to complement a procedure requested by himself
· To the corresponding authorities, to comply with tax and legal obligations related to contributions and social security of workers.
· To the corresponding authorities, to meet their requirements or to protect and defend the rights of the "RESPONSIBLE".
Through the following legend, the owner may indicate whether or not he accepts the transfer of his data.
"I agree that my personal data, sensitive or not, as well as financial and/or patrimonial data be transferred to third parties, this only for the purposes described above."
The third party recipient will assume the same obligations that correspond to the "RESPONSIBLE" that has transferred the data.
We reiterate that the owner can oppose the transfer of their personal data and exercise their ARCO rights, for which they can send an email to [email protected]
If you do not express your opposition to the transfer of your data to third parties, the "RESPONSIBLE" will understand that your consent has been granted for it.
CHANGES TO THE PRIVACY NOTICE
The "RESPONSIBLE" reserves the right to make the modifications that it deems pertinent to this Privacy Notice, with the purpose of adapting it, updating it, improving it, or to meet new legal provisions. It is recommended that the holders of personal data regularly review the content of this comprehensive Privacy Notice through the following address: https://www.grupobasilico.com in order to be aware of the changes that it could undergo.
Version 1 valid since January 1, 2018.