Skip to main content

Your corporate travel, now simplified. Discover Mendel Travel

TERMS AND CONDITIONS OF THE PLATFORMS AND WEBSITE

These Privacy Policies establish how ARAKIM S.A., CUIT 30-71790644-2, with registered address at Scalabrini Ortiz 3333, 5th Floor, Autonomous City of Buenos Aires, Argentina (hereinafter, “MENDEL”), collects, processes, stores, uses, shares and protects personal data and other information associated with Users (as such term is defined below), in accordance with Argentine Law No. 25,326 on the Protection of Personal Data, its regulatory decree, supplementary regulations, and provisions issued by the Agency for Access to Public Information (Agencia de Acceso a la Información Pública, “AAIP”).

MENDEL is registered with the AAIP’s Data Controller Registry under No. RL-2023-55682483-APN-DNPDP#AAIP and is the controller of the “Mendel Platform Users Database”, registered with the AAIP under No. RL-2023-84295374-APN-DNPDP#AAIP.

ACCEPTANCE OF THESE PRIVACY POLICIES GRANTS THE STATUS OF “USER” TO ANY PERSON WHO FULLY AND WITHOUT RESERVATION ACCEPTS THESE PRIVACY POLICIES.

These Privacy Policies are an integral part of MENDEL’s Terms and Conditions. By accepting the Terms and Conditions through the User’s representative, the User accepts the provisions of these Privacy Policies.

I. Definitions and Scope

For purposes of these Privacy Policies:

“Website”: MENDEL’s website available at www.mendel.com (including its subdomains and local pages).

“Mendel Platform” or “Platform”: MENDEL’s technology platform (including its application) through which MENDEL provides software-as-a-service (SaaS) services and technological features to corporate clients.

“User”: (i) the corporate client (legal entity) that contracts or uses the Platform and/or (ii) the natural persons authorized by the User (e.g., administrators, employees, collaborators, travelers, approvers) who access and use the Platform on its behalf (“User’s Persons”).

“Personal Data”: any information of any kind relating to identified or identifiable natural persons, pursuant to Law 25,326.

“Travel”: corporate travel management technological features integrated into the Platform, which may connect the User with third parties (agencies, GDS, providers, etc.).

“AI Features”: recommendation, ranking, classification, filtering, summarization, or other automated outputs based on artificial intelligence within the Platform.

These Privacy Policies apply to the processing of data carried out by MENDEL in connection with the use of the Website and/or the Platform.

II. MENDEL’s Responsibility

MENDEL shall be the controller responsible for the processing and protection of the Personal Data it processes in connection with the Website and/or the Platform.

The protection of Personal Data is MENDEL’s responsibility, and data subjects may exercise the rights granted under applicable regulations in accordance with the procedure set forth in these Privacy Policies and in Law 25,326.

III. Personal Data Collected by MENDEL

MENDEL may request and process the Personal Data necessary to (i) enable access to the Platform, (ii) provide and configure the SaaS Services, (iii) offer Travel and AI Features when applicable, (iv) provide support, (v) ensure security and prevent fraud, and (vi) comply with applicable regulations.

Without limitation, MENDEL may collect:

A. Identification and Contact Data (natural persons)

  • Full name
  • Identification document (type and number) and/or CUIL/CUIT (as applicable)
  • Date of birth (when required for identity validations or service requirements)
  • Nationality (when required for Travel or validations)
  • Corporate email address
  • Phone number (work and/or mobile)
  • Role/profile in the Platform (e.g., admin, approver, traveler)
  • Company/client to which the person belongs (User)

MENDEL does not deliberately request data from minors. The Platform is intended for corporate clients and their authorized persons.

B. Identification and Contact Data (legal entities)

  • Corporate name / legal name
  • CUIT
  • Address (tax and/or business)
  • Business activity / industry
  • Corporate contact details
  • Representative/administrator/attorney-in-fact details (name, title, contact)
  • Service onboarding and configuration information (e.g., cost centers, internal policies, approval flows)

C. Employment/Organizational Data (User’s Persons)

  • Position/title, department, approval level
  • Work address (if applicable)
  • Internal identifier (employee ID/corporate ID, if provided by the User)
  • Parameters related to internal policies (e.g., limits, profiles, rules)

D. Operational and Platform-Use Information (SaaS)

  • Activity logs and audit records: logins, actions within the Platform, approvals, changes, information uploads, etc.
  • Information uploaded/managed by the User or its persons: expense categories, descriptions, receipts, invoices, or other operational documentation.
  • Integrations and connectors: technical identifiers, tokens, sync status and metadata necessary to operate integrations authorized by the User.

E. Device / Navigation Technical Data

  • IP address
  • Device and browser identifiers
  • Browser type, operating system, language, access dates and times
  • Cookies / web beacons / similar technologies (see Section IX)
  • Performance and diagnostic information (errors, crashes, latency, etc.)

F. Location Data (when enabled or necessary)

  • Approximate location (e.g., for security or specific features)
  • On mobile devices, geolocation only if enabled by the User and required for the feature.

G. Travel-Related Data (if Travel is enabled)
When the User uses Travel features, MENDEL may process data necessary to facilitate travel management and connection with third parties, such as:

  • Traveler data: name, email, phone
  • Travel preferences (e.g., flight/hotel preferences, loyalty programs if entered)
  • Itineraries and booking details (dates, segments, accommodations, booking references, terms)
  • Requests, approvals and internal travel policies
  • Requirements or minimum data required by third parties for booking/issuance (e.g., identification or passport details only if required by the third party and entered/authorized by the User).

Important: performance of the travel service and its terms belong to third parties. MENDEL acts as a technology provider (see Section VIII – Transfers).

H. AI-Related Data (if AI Features are enabled)
To provide AI Features, MENDEL may process:

  • Content entered by the User in query fields (“prompts”) to the extent necessary to generate the output.
  • Outputs generated by the feature (responses, rankings, summaries, etc.).
  • Operational context data used by the feature (e.g., categories, internal policies, Travel information available in the Platform).
  • Technical metadata: timestamps, session identifiers, performance and quality metrics (e.g., “helpful/not helpful”), and logs for security.

MENDEL may record and retain prompts, generated outputs, feedback and the associated logs/metadata (collectively, “AI Records”) in logs and/or databases for: (i) operation and support of the feature, (ii) quality control, audit and traceability, (iii) security, fraud/abuse prevention and incident detection, (iv) analysis and correction of failures, and (v) continuous improvement of the Platform.

MENDEL may also use AI Records to train, fine-tune, evaluate and improve models, algorithms and/or rules associated with AI Features, preferably using minimization, aggregation and/or anonymization techniques where possible.

MENDEL may perform limited human review of AI Records for quality control, security, abuse prevention and incident resolution purposes, applying access controls and confidentiality obligations.

The User undertakes not to enter sensitive personal data (e.g., health data, biometric data, beliefs, sexual orientation, etc.) or information that should not be shared, especially in AI interactions.

IV. Additional Personal Data (specific cases)

In specific cases and only when necessary for an enabled feature or due to User requirements, MENDEL may process:

  • Biometric data: only if a specific feature requires it and with an applicable legal basis (otherwise, it is not collected).
  • Precise geolocation: only if enabled by the User/User’s Person and indispensable for the feature.

V. Purposes of Processing

Personal data collected by MENDEL is processed for two types of purposes:

A. Purposes necessary for the relationship with the User and the provision of the Services

  • Onboarding, administration and operation of the SaaS service and Platform features.
  • User and access management: authentication, permissions, profiles, security controls.
  • Service configuration according to the User’s policies (cost centers, approval flows, parametrization).
  • Technical support and handling of inquiries, incidents and requests.
  • Security, fraud and abuse prevention: access monitoring, anomaly detection, audit and traceability.
  • Compliance with applicable regulations (e.g., legal obligations, valid requests by competent authorities).
  • Service improvement: diagnostics, performance, stability, usability and continuous improvement.

Travel (if applicable):

  • Enable technological management of requests and bookings within the Platform.
  • Facilitate connection and transmission of information necessary to third parties (agencies/GDS/providers) at the User’s request.
  • Provide technological operational support for the module (e.g., tracking, request administration).

AI Features (if applicable):

  • Generate recommendations, rankings, classifications, filters or summaries based on data available in the Platform.
  • Improve quality and security (e.g., detect abuse, failures, problematic outputs).
  • Maintain reasonable security and performance logs.
  • Train, fine-tune, evaluate and improve models, algorithms and/or rules associated with AI Features and the Platform, including analysis of prompts, outputs and feedback, with minimization measures and, where possible, aggregation and/or anonymization.

B. Purposes not necessary for the contractual relationship (optional)

  • Sending commercial communications, newsletters, event invitations or content of interest.
  • Satisfaction and quality surveys.
  • Marketing activities (e.g., campaigns) to the extent permitted by law.

The User may request to stop commercial communications pursuant to Section VII.

User’s obligation (corporate client): with respect to Personal Data of its persons (employees/collaborators/travelers) that it provides or manages in the Platform, the User represents that it has the necessary legal basis and/or consents, and that it has informed such persons about processing and the content of these Privacy Policies.

VI. Security of Personal Information

MENDEL adopts and applies appropriate administrative, technical and organizational security measures to protect Personal Data against unauthorized access, alteration, disclosure, loss or destruction.

Access to information is limited to employees, representatives and providers who need it to perform their functions and/or provide or improve services. MENDEL requires its providers to meet appropriate confidentiality and security standards.

VII. Rights of Access, Rectification and Deletion

In accordance with Sections 14 and 16 of Law 25,326, the data subject has the right to:

  • Access their data
  • Request rectification, updating, deletion and confidentiality.

The data subject may also request, free of charge, the removal or blocking of their name and email from databases for advertising purposes (Section 27(3) of Law 25,326).

To exercise these rights, the data subject must send a request to: [email protected].

MENDEL will provide access within ten (10) calendar days of receipt of the request.

Rectification/update/deletion requests will be addressed within five (5) business days, once identity has been verified.

The AAIP handles complaints and claims regarding non-compliance:
Website: www.argentina.gob.ar/aaip – Email: [email protected] – Tel.: +54 11 2821-0047.

VIII. Transfers and Disclosures of Data

MENDEL may share or transfer Personal Data when necessary to provide the Services or due to legal obligations, including:

  • Mendel affiliates and subsidiaries (e.g., for support, internal operations or infrastructure).
  • Technology providers (hosting, storage, communications, monitoring, cybersecurity, analytics, support, integrations) under confidentiality and security agreements.
  • Verification and fraud-prevention providers (e.g., identity validations or corporate checks), when necessary.
  • Travel third parties (agencies, consolidators, GDS and/or providers) only to the extent necessary for the management requested by the User and pursuant to their terms.
  • AI-related providers (e.g., infrastructure or technological services to operate the feature), to the extent necessary to provide the service and, where applicable, acting as processors under MENDEL’s instructions, with confidentiality, security and use limitation obligations.
  • Competent authorities when required by law or pursuant to valid requests.

International transfers: MENDEL may transfer data within and outside Argentina. Some destinations may not provide protection levels equivalent to those in Argentina. In such cases, MENDEL will implement reasonable safeguards and require confidentiality and security obligations in accordance with applicable regulations.

IX. Use of Cookies, Web Beacons and Similar Technologies

The Website and/or the Platform may use cookies, web beacons or similar technologies that automatically collect information, such as:

  • IP, browser, operating system, access date/time
  • Pages visited, browsing events, performance
  • Session preferences and configuration (e.g., keep login)
  • Website/Platform usage analytics.

The User may disable cookies in their browser settings. Some features may be affected if necessary cookies are blocked.

X. Data Retention

MENDEL will retain Personal Data for as long as necessary to:

  • provide the Services,
  • comply with legal obligations,
  • resolve disputes, and
  • maintain reasonable security and audit records.

When data is no longer necessary, MENDEL will delete or anonymize it, unless retention is required by law.

In particular, AI Records (prompts, outputs, feedback and related logs) may be retained for the time reasonably necessary to (i) operate and secure AI Features, (ii) investigate, audit and fix failures, (iii) prevent fraud/abuse and address incidents, (iv) improve the Platform and AI Features, and (v) comply with legal obligations. MENDEL will apply minimization criteria and may anonymize or aggregate information where possible.

XI. Changes to the Privacy Policies

MENDEL reserves the right to modify these Privacy Policies due to legislative, case law or internal policy changes, new requirements, or market practices. Amendments will be published on the Website and will apply as of their effective date.

XII. Contact

For questions or requests: [email protected].