Skip to main content

PRIVACY POLICY

This Privacy Notice (the “Privacy Notice”) contains the terms and conditions relating to the collection, storage, and safekeeping of Corporate, Personal, and Financial Information (as such terms are defined in the *Mendel Terms and Conditions*) as well as the personal data of the User’s representatives, officers, employees, contractors, subcontractors, directors, managers, and/or other officials that the User provides to Mendel within the framework of the Mendel Terms and Conditions and/or a Service Request (the “Personal Data”), in compliance with the terms established by the Federal Law on Protection of Personal Data Held by Private Parties (“LFPDPPP”) and by the regulatory and/or administrative provisions derived from or related to said legal order.

This Privacy Notice is an integral part of MENDEL’s Terms and Conditions. By accepting these Terms and Conditions by the representative of the MENDEL corporate User, the User has accepted the provisions of this Privacy Notice.

 

I. Identity and Address of MENDEL

Shlujim, SA de CV and FINANCIERA CR CAPITAL, SAPI DE CV, SOFOM, ENR  hereinafter  “MENDEL” , with address at Campos Elíseos number 403, 6th floor, Colonia Polanco II Section, Miguel Hidalgo Territorial Demarcation, Postal Code 11530, Mexico City, is responsible for the processing and protection of your personal data, and therefore makes available to you the Privacy Notice detailed below, in compliance with the LFPDPPP and its regulations.

MENDEL is responsible for compliance with the natural or legal persons with whom it establishes a present or future contractual relationship. It will be responsible for the processing and protection of your personal data. It carries out the activities of collecting, storing, and safeguarding Corporate Information, Financial Information, and Personal Data, as the controller, through the internet website  www.mendel.com  (hereinafter the “Website”) and/or the Mendel App, and therefore makes available to you the Privacy Notice detailed below.

The protection of Personal Data is the responsibility of MENDEL, and its owners may exercise the rights granted to them by the applicable regulations in accordance with the procedure established under the title “Exercise of ARCO Rights”.

 

II. Personal Data collected

We inform you that, in order to fulfill the purposes set forth in this privacy notice, personal, work, and other data will be collected and processed.

academic, patrimonial, migratory and those necessary for MENDEL to carry out the purposes indicated in point IV of this Notice:

  1. Personal identification data of the User.
  2. Contact details of the User and the User’s Persons.
  3. Data relating to the location of the device from which the Website is accessed and/or the Mendel App is run.
  4. Access IP data corresponding to the device using the Mendel App and the Website mentioned above.
  5. Tax data for billing services.
  6. Corporate Information and Financial Information and information relating to the User’s credit risk profiling and/or profiling in terms of the regulations for the prevention of operations with illicit proceeds, as well as other financial data corresponding to the means of disposal that the corporate User and the User’s Persons use.

Likewise, MENDEL collects from its clients, prospects, all of them natural persons and legal entities (hereinafter, the  “Owner” ), the following personal data:

Identification and contact information for individuals, where applicable:

  • Name
  • Marital status
  • Federal Taxpayers Registry
  • Unique Population Registry Key (CURP)
  • place of birth
  • Birthdate
  • Nationality
  • Home
  • Home phone
  • Cellular phone
  • Email
  • Age

Identification and contact information for legal entities:

  • Company name
  • Business, activity or corporate purpose
  • Nationality
  • Federal Taxpayers Registry
  • Advanced Electronic Signature Serial Number
  • Confidential Electronic Identification Key (CIEC)
  • Home
  • Institutional telephones
  • Constitution
  • Social or shareholding structure
  • Name of agent(s), administrator(s), manager(s), general director
  • Name of the controlling beneficiary

Employment data

  • Position or post held
  • Work address
  • Email
  • Telephone(s)

Academic data

  • Educational background
  • Curriculum Vitae of the Company (legal entities)

Migration data

  • Residence rights
  • Nationality of the Company (legal entities)

Asset and/or financial data of individuals:

  • Credit history
  • Income
  • Bank Accounts
  • Credit card number(s)

Asset and/or financial data of legal entities:

  • Credit history
  • Financial Statements
  • Bank Accounts

These data may be obtained personally or through electronic means (equipment, optical media or any other technology, automated data processing systems and telecommunications networks, whether public or private, in terms of the applicable legal provisions that MENDEL makes available to the Owner for this purpose, in which they will record the creation, transmission, modification or extinction of rights and obligations).

III. Sensitive personal data collected

In the specific case of the Mendel APP and the Website, as well as those specialized Third Parties, where appropriate Providers and/or Commercial Entities, MENDEL may collect the following sensitive data:

  • Geolocation.
  • Biometric Data.

 

IV. Purposes of MENDEL when processing your personal data

The personal data that MENDEL collects are for two types of purposes:

  1. Those that gave rise to and are necessary for the existence, maintenance and fulfillment of the legal relationship between MENDEL and the Owner.
  • Identify customers and validate their identity.
  • Manage and operate the services and products that you request or contract with MENDEL.
  • Analysis of payment capacity and liquidity
  • Inform the customer about changes in products and services.
  • Registration of your data for the purposes of the contracted product and service.
  • Formalize and register the contracting of a product or service.
  • Check the credit bureau.
  • Geolocation of the Holder who wishes to celebrate, through a mobile device or Website.
  • Identify Users, verify and validate their identity, as well as verify and validate the veracity of the Corporate Information and Financial Information, including analysis of their credit capacity through consultation with Credit Information Societies.
  • Identify representatives, officers, employees, contractors, subcontractors, directors, managers and/or other officials of the User.
  • Promotion and evaluation of financial services and products including credit analysis and risk profile assignment.
  • Marketing and promotional activities, sending Users information that may be of interest to them.
  • market analysis activities, intelligence related to the spending and consumption behavior of User Persons, risk analysis, analysis of purchasing preferences (product categories, prices, location, etc.), delivery of results on the activity of the User and User Persons in the use of means of disposal.
  1. Those that are not necessary and do not give rise to the legal relationship between MENDEL and the Owner.
  • Customer satisfaction and quality surveys.
  • Sending commercial and advertising information via email, cell phone (SMS, MMS).
  • Inform about new products or services that are related to those contracted or acquired by the client.
  • Collection management seeking the recovery of overdue portfolios, as well as to carry out preventive actions in this regard, including the sale of portfolios.

By entering into a contract with MENDEL, the Data Controller expresses his or her express or tacit consent to carry out the processing in accordance with the provisions of the applicable regulations.

Likewise, the Corporate User acknowledges and declares that with respect to the Personal Data of natural persons that the Owner provides to MENDEL, the Corporate User is subject to the obligation to inform the User Persons about the processing of their personal data and the content of this Privacy Notice, and that it has duly complied with said information.

 

V. Mechanism for expressing refusal to process personal data, for exercising ARCO rights and for revoking consent

Once this Privacy Notice is made available to the Owner and he/she does not express any opposition, it will be understood that he/she grants MENDEL his/her consent to carry out the corresponding processing of Personal Data.

In the event that the Privacy Notice has not been made known to the Owner directly or personally, the Owner will have a period of five business days in accordance with the Law, to state that he or she does not consent to the processing of his or her personal data for purposes that are not necessary and did not give rise to the legal relationship between MENDEL and the Owner.

At MENDEL, you have the right to exercise your ARCO rights, that is, to access your Personal Data, rectify it if it is inaccurate or incomplete, cancel it or oppose its processing, when it is used for purposes other than those necessary for the existence, maintenance and fulfillment of the legal relationship between MENDEL and the Owner.

The Data Subject has the right to know what personal data MENDEL keeps about each of them, what they are used for and the conditions of use (Access). Likewise, each of the aforementioned has the right to request the correction of their personal information if it is outdated, inaccurate or incomplete (Rectification); that Mendel delete it from its records or databases when it considers that it is not being used appropriately (Cancellation); as well as to oppose the use of their personal data for specific purposes (Opposition). These rights are known as ARCO rights.

As the owner of the personal data, you may revoke the consent you have given to MENDEL for the processing of your Personal Data.

In such case, the Holder must consider the following procedure:

  1. The Holder must submit a request for ARCO rights to the ‘Data Protection Unit’

Personal’, located at 403 Campos Elíseos Street, 6th floor, Colonia Polanco II Section, Miguel Hidalgo Territorial Demarcation, Postal Code 11530, Mexico City or send said request to the email address [email protected]

  1. It is required to prove the identity of the holder who exercises the ARCO rights, or, where applicable, his/her legal representative, by delivering via email to  [email protected]  his/her INE or Passport (in case of exercise by the holder) or the INE and/or Passport of the Legal Representative, the validly granted power of attorney that enables him/her to act on behalf of the holder, as well as the INE and/or passport of the holder with respect to whose data the exercise of ARCO rights is intended.
  1. The Personal Data Protection Unit will register the request and begin the process to exercise ARCO rights.
  1. The Personal Data Protection Unit will respond to the Data Subject regarding the ARCO rights request in accordance with the timeframes established by Law.

MENDEL may refuse to cancel or oppose the processing of personal data under the assumptions established in articles 26 and 34 of the Federal Law on the Protection of Personal Data Held by Private Parties.

 

VI. Transfers of personal data collected

MENDEL may transfer and process the personal data of the Holder within and outside the country, to entities affiliated with MENDEL, regulators and companies that provide some service, for the purposes mentioned in point IV of this notice.

In addition, MENDEL may provide your Personal Data if any law so requires, or when requested by the competent authorities in terms of the applicable legislation.

When transferring this data, MENDEL will ensure that its affiliated entities, regulators and companies providing services assume the same obligations regarding the protection of Personal Data.

 

VII. Consent to the transfer of personal data

MENDEL will not transfer Personal Data to third parties unless it has the consent of the Owner and in compliance with the provisions of Article 37 of the Federal Law on the Protection of Personal Data Held by Private Parties.

 

VIII. Options and means to limit the use or disclosure of personal data

MENDEL has implemented administrative, physical and technical security measures to prevent the misuse and disclosure of personal data.

Additionally, and to ensure that your personal data is not disclosed or used without your consent, MENDEL urges you to consider the following measures:

  1. Register with the Public Registry to Avoid Advertising (REPEP), which is an instrument that allows consumers who do not wish to receive advertising or have their information used for marketing or advertising purposes to register their telephone numbers. For more details on this registration, visit:  http://repep.profeco.gob.mx/index.jsp
  1. As a natural person, register in the Public Registry of users who do not want advertising information on financial products and services (REUS), which is a registry that contains personal information of users of the Mexican financial system who do not want to be bothered with advertising and promotions by financial institutions in their marketing practices. For more details about this registration, see:  https://www.gob.mx/tramites/ficha/registro-publico-de-usuarios-reus-para-personas-fisicas/CONDUSEF2536

 

IX. Use of cookies, web beacons or other similar technologies

When accessing the Mendel Website and/or App, it is important to keep in mind that it uses mechanisms (Cookies and Web Beacons or other technologies) that automatically collect information, such as: source IP address, browser used, date and time you accessed the Mendel Website and/or App, browser type, operating system type, web pages visited, searches performed, advertising reviewed, lists and consumer habits on shopping pages, among others.

Considering the above, it is important for you to know that you can disable the use of these mechanisms at any time according to the instructions provided by each company that owns the web browsers.

If you require further information, please consult our Policy on the use of cookies, web beacons and other similar technologies.

 

X. MENDEL Compliance

MENDEL complies with all obligations stipulated in the (“LFPDPPP”) and by the regulatory and/or administrative provisions derived from or related to said legal order as the responsible party. MENDEL does not assume any responsibility for the treatment that may be carried out by third parties for whom it has no obligation to respond. The recipient of the data will be subject to the Law and its Regulations, as the responsible party, and must treat the personal data in accordance with the provisions of this Privacy Notice. MENDEL is not responsible for the treatment carried out by the persons, companies or authorities with whom MENDEL shares the Personal Data as indicated in this Privacy Notice. These persons, companies or authorities are responsible to the owners for any treatment they carry out. Any person in charge who receives or accesses the Personal Data on behalf of MENDEL will be considered responsible with the obligations inherent to this person when, in any way, he treats the Personal Data for a purpose other than that authorized by MENDEL. Any treatment will be the responsibility of said third party, without Mendel being held responsible for any liability.

 

XI. Changes to the privacy notice

At MENDEL, we reserve the right to make changes or updates to this Notice at any time to address legislative or jurisprudential developments, internal policies, new requirements for the provision or offering of our services or products and market practices.

Should there be any changes to this Privacy Notice, you will be notified through the Website.

Last update date of this Privacy Notice:  September 21, 2022.
If you consider that your right has been violated by any conduct of our employees or our actions or responses, or you suspect that in the processing of your personal data there is a violation of the provisions set forth in the Law, you may file the corresponding complaint or claim with the National Institute for Transparency, Access to Information and Protection of Personal Data (INAI). For more information, visit:  https://home.inai.org.mx/