PRIVACY NOTICE regarding the personal data collected by THEGC S.A.P.I. DE C.V. (hereinafter referred to as "THEGC")

1.- General Information

1.1.- THEGC IS A COMPANY COMMITTED TO AND RESPECTFUL OF THE RIGHTS TO PERSONAL DATA OF INDIVIDUALS, RECOGNIZED IN ARTICLE 16, SECTION II OF THE POLITICAL CONSTITUTION OF THE UNITED MEXICAN STATES, AS WELL AS THE PROVISIONS OF THE FEDERAL LAW ON PERSONAL DATA PROTECTION HELD BY PRIVATE PARTIES, ITS REGULATIONS, AND OTHER APPLICABLE REGULATIONS. FOR THIS REASON, IT PROVIDES THIS PRIVACY NOTICE TO ENABLE THE DATA SUBJECT TO EXERCISE THEIR RIGHT TO INFORMED SELF-DETERMINATION.

1.2.- BY ENTERING AND USING THE WEBSITE, WHOSE DOMAIN NAME IS https://thegurucompany.com/aviso-de-privacidad IN THE SECTION CORRESPONDING TO "PRIVACY NOTICE," HEREINAFTER REFERRED TO AS "THE WEBSITE," OWNED BY THEGC, YOU (THE DATA SUBJECT) DECLARE THAT YOU UNDERSTAND AND ACCEPT THE TERMS AND CONDITIONS CONTAINED IN THIS NOTICE AND EXPRESSLY DECLARE AND GRANT YOUR ACCEPTANCE AND CONSENT USING ELECTRONIC MEANS FOR THIS PURPOSE, IN TERMS OF THE PROVISIONS OF ARTICLE 1803 OF THE FEDERAL CIVIL CODE.

1.3.- IF THE DATA SUBJECT DOES NOT FULLY AND ABSOLUTELY ACCEPT THE TERMS AND CONDITIONS OF THIS NOTICE, THEY MUST REFRAIN FROM SHARING ANY TYPE OF INFORMATION WITH THEGC BY ANY MEANS, INCLUDING ITS WEBSITE.

1.4.- IF THE DATA SUBJECT CONTINUES TO USE THE THEGC WEBSITE, EITHER IN TOTAL OR IN PART, SUCH ACTION WILL BE CONSIDERED AS THEIR ABSOLUTE AND EXPRESS ACCEPTANCE OF THE TERMS AND CONDITIONS STIPULATED HEREIN.

1.5.- THE SOLE USE OF THE THEGC WEBSITE GRANTS THE PUBLIC DATA SUBJECT THE STATUS OF DATA SUBJECT (HEREINAFTER REFERRED TO AS "THE DATA SUBJECT" OR "THE DATA SUBJECTS") AND IMPLIES FULL AND UNCONDITIONAL ACCEPTANCE OF ALL AND EACH OF THE GENERAL AND PARTICULAR CONDITIONS INCLUDED IN THIS PRIVACY NOTICE IN THE VERSION PUBLISHED BY THEGC AT THE MOMENT THE DATA SUBJECT ACCESSES THE MENTIONED PAGE.

THE PARTIES DECLARE THAT, AS THERE IS NO ERROR, FRAUD, BAD FAITH, OR ANY OTHER DEFECT IN THE WILL THAT COULD NULLIFY THE VALIDITY OF THIS INSTRUMENT, BOTH AGREE TO BE SUBJECT TO THE TERMS STIPULATED IN THE FOLLOWING:


2.- Definitions

2.1.- Personal data. Any information concerning an identified or identifiable natural person.

2.2.- Sensitive personal data. Those personal data that affect the most intimate sphere of the data subject or whose improper use may give rise to discrimination or involve a serious risk to them. In particular, sensitive personal data include those that may reveal aspects such as racial or ethnic origin, current and future health status, genetic information, religious, philosophical, and moral beliefs, union affiliation, political opinions, and sexual preference.

2.3.- Data subject. The natural person (DATA SUBJECT) identified or corresponding to the personal data.

2.4.- Responsible party. A natural or legal person (THEGC) of a private nature who decides on the processing of personal data.

2.5.- Processor. The natural or legal person who solely or jointly with others processes personal data on behalf of the responsible party.

2.6.- Processing. The obtaining, use (which includes access, management, utilization, transfer, or disposal of personal data), disclosure, or storage of personal data by any means.

  • 2.6.1.- Transfer. Any communication of data made to a person other than the responsible party or processor.
  • 2.6.2.- Referral. The communication of personal data between the responsible party and the processor, inside or outside the territory of Mexico.

2.7.- Third party. The natural or legal person, whether national or foreign, other than the DATA SUBJECT or the responsible party of the data.

2.8.- ARCO Rights. Rights of Access, Rectification, Cancellation, and Opposition.

2.9.- Tacit Consent. It will be understood that the DATA SUBJECT has consented to the processing of the data when, having been provided with the Privacy Notice, they do not express their opposition.

2.10.- Primary purposes. Those purposes for which personal data are primarily requested and which give rise to the relationship between THEGC and the DATA SUBJECT.

2.11.- Secondary purposes. Those purposes that are not essential to the relationship between THEGC and the DATA SUBJECT, but whose processing contributes to the fulfillment of THEGC's corporate purpose.


3.- Identity and address of the responsible party collecting personal data

3.1.- The party responsible for obtaining personal data is THEGC, S.A.P.I. DE C.V. (hereinafter referred to as “THEGC”), who commits to respecting the provisions set forth in this Privacy Notice (hereinafter referred to as the “Notice”), which is made available to you in compliance with the Federal Law on the Protection of Personal Data Held by Private Parties (hereinafter referred to as the “Law” or “LFPDPPP” interchangeably) and is applicable to the personal data of individuals such as candidates, employees, clients and/or potential clients, suppliers and/or potential suppliers, distributors, visitors to the physical offices and/or facilities of THEGC, as well as users of THEGC’s WEBSITE, which THEGC obtains as a result of activities related to digital business development and the provision of communication services.

3.2.- The address established by THEGC for the purposes of this notice is Avenida Antea 1088, 3rd Floor, Jurica, C.P. 76100, Querétaro, Querétaro.


4.- Personal data collected

4.1.- THE DATA SUBJECT acknowledges and agrees that THEGC may obtain directly and/or through processors the following personal data, according to the relationship with each DATA SUBJECT:

  • 4.1.1.- Candidates:

    General: full name, date and place of birth, profession, official identification with a photograph, address (street, exterior and interior number, neighborhood, postal code, delegation or municipality), landline and/or mobile phone, email, social security number, RFC, CURP. Academic: level of education, school, study period, degrees obtained, continuing education and/or training courses. Family data: names, ages, education level, phone numbers, and occupations of parents, siblings, children, and spouse. Professional experience: company name, duration of service, address, phone number, position held, reason for separation, name of direct supervisor. Personal and professional references (for which the DATA SUBJECT has consent to share with THEGC): name, address, phone number, occupation, duration of acquaintance. Documentation in copy: curriculum vitae, official identification with a photograph, birth certificate, RFC certificate, CURP certificate, proof of address, social security number, proof of education.

  • 4.1.2.- Employees:

    General: full name, date and place of birth, age, sex, nationality, marital status, profession, official identification with a photograph, image or photograph, fingerprint, iris, voice, signature, address (street, exterior and interior number, neighborhood, postal code, delegation or municipality), landline and/or mobile phone, email, social security number, RFC, CURP. Academic: level of education, school and/or institution, degrees obtained. Family data: names, ages, education levels, phone numbers, and occupations of parents, siblings, children, and spouse, contact information in case of emergency. Economic data: bank account details (account number, CLABE, bank). Professional experience: company name, duration of service, address, phone number, position held, reason for separation, name of direct supervisor. Personal and professional references (for which the DATA SUBJECT has consent to share with THEGC): name, address, phone number, occupation, company they work for. Documentation in copy: curriculum vitae, official identification with a photograph, RFC certificate, CURP certificate, social security number, birth certificate, proof of address, proof of education, professional license, bank statement.

  • 4.1.3.- Clients and/or Prospective Clients:

    Full name, nationality, address (street, number, neighborhood, city, state, delegation or municipality, postal code), landline and/or mobile phone, email, RFC, credit card details, bank details (account number, CLABE, bank), name of the company’s legal representative, company charter, legal power of attorney of the representative registered in the Public Registry of Property and Commerce, billing data and address (street, number, neighborhood, city, state, delegation or municipality, postal code). Documentation in copy: official identification with a photograph, company charter, power of attorney of the legal representative registered in the Public Registry of Property and Commerce, RFC certificate, proof of address, bank statement.

  • 4.1.4.- Suppliers, Prospective Suppliers, and Service Providers:

    Full name, date and place of birth, age, sex, nationality, profession, official identification with a photograph, image or photograph, signature, address (street, number, neighborhood, city, state, delegation or municipality, postal code), landline and/or mobile phone, email, CURP, RFC, name of the legal representative, company charter, billing data and address (street, number, neighborhood, city, state, delegation or municipality, postal code), bank details (name of the bank, account, and CLABE account, SWIFT, ABBA, in case of international transfers). Documentation in copy: official identification with a photograph, tax identification certificate, RFC certificate, proof of address, company charter, legal power of attorney of the representative registered in the Public Registry of Property and Commerce.

  • 4.1.5.- Distributors:

    Full name, date and place of birth, age, sex, nationality, profession, official identification with a photograph, image or photograph, address (street, number, neighborhood, city, state, delegation or municipality, postal code), landline and/or mobile phone, email, CURP, RFC, bank details (name of the bank, account, and CLABE account, SWIFT, ABBA, in case of international transfers), tax data, account statement. Documentation in copy: official identification with a photograph, tax identification certificate, RFC certificate, CURP certificate, proof of address, bank statement.

  • 4.1.6.- Visitors to THEGC's Physical Offices and/or Facilities:

      Full name, date and place of birth, age, sex, nationality, profession, official identification with a photograph, image or photograph, address (street, number, neighborhood, city, state, delegation or municipality, postal code), landline and/or mobile phone, email, RFC, CURP. Documentation in copy: official identification with a photograph, tax identification certificate, RFC certificate, CURP certificate.

  • 4.1.7.- User of THEGC's WEBSITE:

    Full name, age, sex, nationality, profession, address (street, number, neighborhood, city, state, delegation or municipality, postal code), landline and/or mobile phone, email, RFC, social media usernames, credit card details, bank details (name of the bank, account, and CLABE account, SWIFT, ABBA, in case of international transfers), tax data. Documentation in copy: official identification with a photograph, tax identification certificate, RFC certificate, CURP certificate, proof of address, bank statement.

4.2.- THE DATA SUBJECT hereby grants their express consent in accordance with Article 8 of the LFPDPPP for THEGC to process their personal data, including so-called financial and/or property personal data contained in this clause, in order to fulfill the purposes established in this Privacy Notice.

4.3.- THEGC states that it will not process sensitive personal data of THE DATA SUBJECT of any kind.

4.4.- Furthermore, THEGC states that it will not process personal data of minors, in accordance with the applicable Mexican regulations.

4.5.- THE DATA SUBJECT hereby, under the oath of truth, accepts that the data they have provided to THEGC is true, current, and correct. Additionally, they commit to indemnifying and holding THEGC harmless from any lawsuit or claim arising from errors in the data they have provided.

4.6.- THEGC states that it may obtain the personal data of THE DATA SUBJECT through so-called public access sources, in order to validate and update the data of THE DATA SUBJECT, while respecting at all times the reasonable expectation of privacy referred to in Article 7 of the LFPDPPP.

4.7.- THEGC will use IP information (Internet Protocol) to analyze any type of threats to THEGC's WEBSITE, as well as to collect demographic information. However, IP information will under no circumstances be used to identify THE DATA SUBJECTS, except when there is a likelihood of fraudulent activity.


5.- Purposes of processing personal data

5.1.- THEGC agrees and acknowledges that it may process the personal data of THE DATA SUBJECT, directly and/or through processors, in accordance with the type of relationship it has with THE DATA SUBJECT, for the following primary purposes:

5.2.- In the context of providing services and products in the United States, THEGC INC., an authorized licensee of THEGC S.A.P.I. de C.V., may have access to personal data for the proper marketing and support of the products and services offered in that territory. This data transfer will be carried out in accordance with the applicable data protection laws and always under the privacy standards of THEGC S.A.P.I. de C.V.

  • 5.2.1.- THE DATA SUBJECT – Candidate:
    • a) To contact THE DATA SUBJECT – Candidate via email, landline or mobile phone, social media, Skype, or another messaging platform, or by any other means, to follow up and evaluate the experience and studies of THE DATA SUBJECT – Candidate, to understand the feasibility of being selected and the potential success in the position they intend to hold.
    • b) To understand the work experience of THE DATA SUBJECT – Candidate as well as their competencies for the position they are attempting to fill.
    • c) To create a physical and electronic file for THE DATA SUBJECT – Candidate that will be kept at THEGC's address for up to one year in case they are not selected for the position they intend to hold.
    • d) To carry out the necessary selection and personnel management procedures with the required government institutions.
    • e) To conduct socio-economic research and studies to verify the information provided by THE DATA SUBJECT – Candidate.
    • f) To contact the individuals that THE DATA SUBJECT – Candidate has indicated as personal and/or professional references.
  • 5.2.2.- THE DATA SUBJECT – Worker:
    • a) To create a physical and electronic file for THE DATA SUBJECT – Worker that will be retained at THEGC's address for the duration of the employment relationship and for up to ten years after its termination.
    • b) To carry out the necessary procedures to obtain a debit card for the deposit of salary and/or commissions and other benefits accrued in favor of THE DATA SUBJECT – Worker.
    • c) To monitor attendance and entry/exit times of THE DATA SUBJECT – Worker at THEGC's workplace.
    • d) To draft letters or contracts for the assignment of tools required by THE DATA SUBJECT – Worker for the execution of their work activities.
    • e) To carry out the necessary procedures for registration, cancellation, or modifications to THE DATA SUBJECT – Worker’s records with the Mexican Social Security Institute and/or the required government institutions.
    • f) To process the payment of salary and benefits for THE DATA SUBJECT – Worker, as well as to deduct alimony required by court order.
    • g) To manage life insurance and benefits granted by THEGC.
    • h) To record and store the images of THE DATA SUBJECT – Workers in different databases to maintain control of workers' entry and exit who perform their duties at THEGC, which is part of the security measures adopted within the organization.
    • i) To record the voice of THE DATA SUBJECT – Worker in order to offer the products and/or services marketed by THEGC, as well as to provide technical support services offered by THEGC.
    • j) To monitor the service provided by THE DATA SUBJECT – Worker and ensure that it complies with THEGC's policies.
    • k) To transcribe the calls made by THE DATA SUBJECT – Worker with THE DATA SUBJECT – Client, from audio to text, through recognition software systems.
    • l) To provide and improve the services offered by THEGC.
    • m) To store and use input texts processed by the service solely to supply and maintain the service, and to improve the quality of the services offered by THEGC and other machine learning technologies.
    • n) To allow THEGC's support team to access the account and/or control panel of THE DATA SUBJECT – Client to provide technical support, modify, and assist with the configuration of the service, provided that THEGC has the express consent of THE DATA SUBJECT – Client through any means.
  • 5.2.3.- THE DATA SUBJECT – Client and/or Client Prospect:
    • a) To contact THE DATA SUBJECT – Client via phone, email, social media, or any other means to address and follow up on requests for products and/or services.
    • b) To process the financial and/or patrimonial personal data of THE DATA SUBJECT – Client to provide the products and/or services marketed by THEGC.
    • c) To provide THE DATA SUBJECT – Client with the products and/or services that THEGC markets, according to requests made through any means, so that THE DATA SUBJECT – Client can benefit from the required products and/or services.
    • d) To contact THE DATA SUBJECT – Client by any means to clarify and follow up on payments or any other situation arising from the products and/or services provided by THEGC, such as complaints or comments about them.
    • e) To register and update the data in the internal business management system, in the internal software, platforms, and portals used by THEGC for access to personal data by authorized personnel.
    • f) To contact THE DATA SUBJECT – Client to carry out collection management and outstanding debts; if applicable, to contact the individuals that THE DATA SUBJECT – Client has authorized as payment contacts.
    • g) To create and store a physical and/or electronic file of THE DATA SUBJECT – Client for the duration of the business relationship and for up to ten years after the termination of the business relationship.
    • h) To issue electronic invoices and credit notes arising from the products or services marketed by THEGC. These invoices, in both physical and electronic format, as well as the credit notes, will be retained by THEGC for the duration of the commercial relationships and for ten years thereafter.
    • i) To coordinate meetings with THE DATA SUBJECT – Client via phone, email, social media, Skype, or any other means, whether in physical or digital support.
    • j) To generate a record in THEGC’s client databases that will be retained for ten years.
    • k) To carry out transactions with credit institutions resulting from commercial operations.
    • l) To request references from the Credit Bureau.
    • m) If THE DATA SUBJECT – Client is from outside the area, to carry out the necessary procedures for the shipment of products or delivery of services marketed by THEGC.
    • n) To conduct procedures with government authorities.
    • o) To perform the necessary procedures to grant lines of credit.
    • p) To record the voice of THE DATA SUBJECT – Client and/or third parties with whom THE DATA SUBJECT – Client communicates, in order to offer the products and/or services marketed by THEGC, as well as to assess the quality of the services and/or products offered by THEGC.
    • q) To transcribe the calls made by THE DATA SUBJECT – Client from audio to text, using recognition software systems.
    • r) Additionally, THE DATA SUBJECT – Client’s voice data will be used by THEGC to provide and improve voice recognition services and to facilitate access to THE DATA SUBJECT – Client's conversation history, as well as to detect negative or positive sentiments generated through THE DATA SUBJECT – Client's interactions with THEGC.
    • s) To monitor the service offered by THEGC and ensure that THE DATA SUBJECT – Client complies with the reasonable use of the service.
    • t) To store and use input texts processed by the service solely to supply and maintain the service, and to improve the quality of the services offered by THEGC and other machine learning technologies.
    • u) To allow THEGC's support team to access the account and/or control panel of THE DATA SUBJECT – Client to provide technical support and assist with service configuration, provided that THEGC has the express consent of THE DATA SUBJECT – Client through any means.
  • 5.2.4.- THE DATA SUBJECT – Supplier, Supplier Prospect, and/or Service Provider:
    • a) To contact THE DATA SUBJECT – Supplier via phone, email, or any other means to clarify and follow up on service and/or product requests, payments, or any other situation arising from the products or services provided to THEGC.
    • b) To register in the Supplier profile in the internal management system for access by authorized personnel, which will be retained for the duration of the commercial relationship and for ten years thereafter.
    • c) To contact THE DATA SUBJECT – Supplier by any means to clarify and follow up on payments or any other situation arising from the products and/or services required by THEGC.
    • d) To retain electronic invoices and credit notes generated for the products and/or services required by THEGC for a period of up to ten years in both physical and electronic formats.
    • e) To retain contracts entered into by THEGC with its suppliers for a period of up to ten years, both in physical and electronic formats, once they have concluded.
    • f) To make bank transfers in connection with the product and/or service requests made by THEGC.
    • g) To maintain a physical and/or electronic file of the Supplier for the duration of the commercial relationship and for ten years following its termination for any reason.
    • h) To register them in the accounting system for access to personal data by authorized personnel.
  • 5.2.5.- THE DATA SUBJECT – Distributor:
    • a) To contact THE DATA SUBJECT – Distributor via phone, email, or any other means to clarify and follow up on service and/or product requests.
    • b) To process the financial and/or patrimonial personal data of THE DATA SUBJECT – Distributor to provide the products and/or services marketed by THEGC.
    • c) To contact THE DATA SUBJECT – Distributor by any means to clarify and follow up on payments or any other situation arising from the products and/or services required by THEGC.
    • d) To register and annually update the data in the internal software, platforms, and/or portals of THEGC for access to the personal data of authorized personnel.
    • e) To create and store a physical and/or electronic file of the Distributor for the duration of the commercial relationship and for ten years following its termination for any reason.
    • f) To issue electronic invoices and credit notes arising from the products and/or services marketed by THEGC.
    • g) To conduct transactions with credit institutions resulting from commercial operations.
    • h) To carry out the necessary procedures to grant lines of credit, such as requesting references from the Credit Bureau, verifying bank and commercial references.
    • i) To use cloud services to make THEGC's internal processes more efficient.
    • j) To generate a record in THEGC’s Distributor databases that will be retained for ten years.
    • k) To issue electronic invoices and credit notes arising from the products or services marketed by THEGC. These invoices, in both physical and electronic formats, as well as the credit notes, will be retained by THEGC for the duration of the commercial relationships and for ten years thereafter.
  • 5.2.6.- THE DATA SUBJECT – Visitor to THEGC's Physical Offices and/or Facilities:
    • a) To store images of visitors to THEGC's physical address in different databases, with the purpose of maintaining control over the entries and exits of those visiting its facilities. This is part of the security measures adopted within the premises. The images captured through video surveillance systems, as well as other personal identification data of THE DATA SUBJECT – Visitor, will be retained for a period not exceeding one year from the date of capture.
  • 5.2.7.- THE DATA SUBJECT – User of THEGC's WEBSITE:
    • a) To contact THE DATA SUBJECT – User via phone, email, or any other means to address and follow up on their comments or requests made through THEGC's WEBSITE.
    • b) To access the social media platforms in which THEGC participates.
    • c) To send information and promotions, following a request made by THE DATA SUBJECT – User through the form available on THEGC's WEBSITE under the “Contact” tab.
    • d) To store THE DATA SUBJECT – User's information in different databases, in physical or electronic format; such records will be kept for a term of one year from their collection, provided that no commercial operations are concluded with THEGC.
  • 5.2.8.- THEGC may process the personal data of THE DATA SUBJECT for the following secondary purposes:
    • a) In the case of THE DATA SUBJECT – Client, to evaluate the quality of the services and/or products offered, as well as the quality of attention given to their comments or requests.
    • b) To conduct internal studies on consumption habits.
    • c) To provide additional communications, information, and promotions, such as newsletters and invitations to events.
    • d) To inform via email about changes or new products or services related to those requested by THE DATA SUBJECT.
    • e) To generate internal reports on the usage of THEGC's WEBSITE.
    • f) For mass email marketing campaigns.
    • g) To contact THE DATA SUBJECT – User in order to inform them about updates to THEGC's WEBSITE, informative messages, and service-related information, including important security updates.
    • h) To mention THE DATA SUBJECT – Client in that capacity on the corporate profile and on THEGC's WEBSITE.
    • i) To inform and/or invite them to participate in courses, training sessions, and/or events organized by THEGC.
    • j) To use general information not associated with THE DATA SUBJECT – Client's account for statistical purposes and for improvements in the quality of the services offered by THEGC.
    • k) To send end-of-year greeting emails to THE DATA SUBJECT – Client.

5.3.- In the event that THE DATA SUBJECT does not wish for their personal data to be used for all or some of the Secondary Purposes set forth in section 5.1.8., they must send a request for the deletion of their data, specifying the purposes for which they do not want their personal data to be processed, to the following email address: contacto@thegurucompany.com.


6.- Use of "Cookies" and "Web Beacons"

6.1.- THEGC's WEBSITE may use "cookies" in connection with certain features or functions. Cookies are specific types of information that a website transmits to THE DATA SUBJECT's computer hard drive to maintain records. Cookies can help facilitate the use of a website by storing passwords and preferences while THE DATA SUBJECT browses the Internet. THEGC's WEBSITE does not use cookies to obtain personal identification data from THE DATA SUBJECT's computer that was not originally sent as part of the cookie.

6.2.- "Web beacons," on the other hand, are images embedded in a webpage or email that can be used to monitor a visitor's behavior, such as storing information about the user's IP address, duration of interaction on that page, and the type of browser used, among others.

6.3.- Although most browsers automatically accept cookies and web beacons, THE DATA SUBJECT can configure their browser to refuse them.

6.4.- To disable cookies, you must follow these instructions:

  • 6.4.1.- On a PC: open the Internet browser, go to the "Tools" menu, enter "Internet Options," select the "Privacy" tab, and move the slider in the Settings to "Block all Cookies."
  • 6.4.2.- On a Mac: open the Internet application, go to "Preferences," select the "Security" option, and choose "Never" for the "Accept Cookies" option.

7.- Limitations on Access and Disclosure of Personal Data

7.1.- THEGC is committed to making its best effort to protect the security of the personal data that THE DATA SUBJECT provides by entering into legal acts and using technologies that control access, use, or unauthorized disclosure of personal information. To this end, personal information is stored in databases with limited access located in controlled facilities with security mechanisms. THEGC commits to treating the information provided by THE DATA SUBJECT as confidential and using it under full privacy, in compliance with the principles and duties related to the processing of personal data and applicable regulations in this area.

7.2.- In this regard, THEGC undertakes to take the necessary measures to ensure that the Data Processors it employs comply with the provisions set forth in this Privacy Notice, with their obligations, and particularly with the provisions established in Article 50 of the LFPDPPP Regulation.

7.3.- Additionally, THEGC undertakes to hire cloud computing services that process the personal data of the DATA SUBJECTS, provided that these services comply with the provisions of Article 52 of the LFPDPPP Regulation.

7.4.- Furthermore, you are informed that to avoid receiving general advertising, you can register in the Public Registry to Avoid Advertising. For more information, you can review the website of the Federal Consumer Protection Agency (PROFECO). Additionally, another way to limit the processing of your personal data is through the Public Registry of Users managed by the National Commission for the Protection and Defense of Financial Services Users (CONDUSEF).


8.- Designated for Processing Requests

8.1.- If THE DATA SUBJECT needs to revoke their consent, as well as Access, Rectify, Cancel, or Object to the processing of the personal data they have provided, they must do so through the following individuals designated by THEGC, whose information is described below:

Designated: Personal Data Protection Area.

Email: contacto@thegurucompany.com


9.- Means to Revoke Consent

THE DATA SUBJECT may revoke the consent granted upon acceptance of this document. Such revocation of consent, made through electronic means, must follow the procedure outlined below, using the following format: [INSERT PDF FORMAT]

9.1.- Send an email to the designated person mentioned in point 8 of this Notice, through which such requests will be addressed.

9.2.- Send a request or data message to the specified email, stating:

  • 9.2.1.- The full name of THE DATA SUBJECT, their address, and email to receive the response generated due to their request;
  • 9.2.2.- The reason for their request;
  • 9.2.3.- The arguments supporting their request or petition;
  • 9.2.4.- An official document that verifies their identity and demonstrates that they are who they claim to be; and
  • 9.2.5.- The date from which the revocation of their consent becomes effective.

9.3.- THEGC will notify THE DATA SUBJECT, within a maximum period of 20 days from the date the request for revocation of consent is received, of the resolution adopted so that, if it is appropriate, it can be made effective within the following 15 days from the date the response is communicated, through a message stating that all necessary actions to stop processing THE DATA SUBJECT's personal data have been executed.


10.- Means to Exercise ARCO Rights

10.1.- If THE DATA SUBJECT needs to Access, Rectify, Cancel, or Object to the personal data they have provided to THEGC, THE DATA SUBJECT must follow the procedure outlined below, using the following format:

10.2.- Send an email to the designated person mentioned in point 8 of this Notice, through which such requests will be addressed, stating the following:

  • 10.2.1.- The full name of THE DATA SUBJECT, their address, and email to receive the response generated due to their request;
  • 10.2.2.- The reason for their request;
  • 10.2.3.- Arguments supporting their request or petition;
  • 10.2.4.- An official document that verifies their identity and demonstrates that they are who they claim to be;
  • 10.2.5.- A clear and precise description of the personal data for which they wish to exercise any of the ARCO rights, and any other element or document that facilitates the location of the personal data.
  • 10.2.6.- In the case of requests for rectification of personal data, THE DATA SUBJECT must also indicate the modifications to be made and provide documentation supporting their request.

10.3.- THEGC will notify THE DATA SUBJECT, within a maximum period of 20 days from the date the request for access, rectification, cancellation, or opposition is received, of the resolution adopted so that, if appropriate, it can be made effective within the following 15 days from the date the response is communicated. In the case of requests for access to personal data, the delivery will proceed after verifying the identity of the applicant or legal representative, as applicable.

11.- Transfer of Personal Data

11.1.- THEGC commits not to transfer or share the data referred to in this Notice with third parties, except in cases where it is necessary to fulfill the purposes of this notice or required to comply with a governmental authority's request.

11.2.- Additionally, in compliance with its legal obligations, and for informative purposes to THE DATA SUBJECT, it is indicated that THEGC may carry out the following transfers:

  • 11.2.1.- IMSS, INFONAVIT, and SAT, in order to comply with labor legislation, social security, and tax payments.
  • 11.2.2.- Banking institutions, to carry out the collection or payment for the products or services, or to pay the salaries of workers required or offered by THEGC for its clients, suppliers, and workers.
  • 11.2.3.- To companies that are part of the same economic group to which THEGC belongs.

11.3.- Notwithstanding the above, in the event of security breaches occurring at any phase of processing that significantly affect the patrimonial or moral rights of THE DATA SUBJECTS, they will be informed immediately by email so that they can take the appropriate measures to defend their rights, releasing THEGC from any liability if the breach is not attributable to it.


12.- Modifications

12.1.- The parties agree that the Privacy Notice may be modified at any time and in the manner that THEGC determines, considering the studies and regulations regarding the protection of personal data that may arise. Therefore, THEGC is obligated to keep this notice updated for consultation on THEGC's WEBSITE so that, if applicable, THE DATA SUBJECT can exercise their ARCO rights.


13.- Guaranteeing Authority

13.1.- If you believe that your right to the protection of your personal data has been violated by any conduct or omission on our part, or suspect any violation of the provisions established in the Federal Law on the Protection of Personal Data Held by Private Parties, its Regulation, and other applicable regulations, you may file your complaint or report with the National Institute for Transparency, Access to Information, and Protection of Personal Data (INAI). For more information, we suggest visiting their official website www.inai.org.mx.


14.- Applicable Law and Jurisdiction

14.1.- The parties express that this notice will be governed by the applicable legal provisions in the United Mexican States, especially by the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties, its Regulation, and other applicable linked regulations.

14.2.- In the event of a dispute or controversy arising from the interpretation, execution, or compliance with the notice or any documents derived from it or related to it, the parties will amicably seek to reach an agreement within 30 natural days from the date any difference arises and is notified in writing to the other party, proceeding to mediation before the Alternative Justice Center of Mexico City, formerly known as the Federal District, in accordance with the Alternative Justice Law of the Superior Court of Justice of Mexico City and its Internal Regulation, in force at the time the controversy is presented.

14.3.- If the parties do not reach an agreement, they hereby agree to submit all disagreements arising from this Privacy Notice or any documents derived from it, or related to it or those documents, to be definitively resolved under the jurisdiction and laws of the Federal Administrative Authorities or Courts of Mexico City, expressly waiving any other jurisdiction that may correspond to them due to their present or future domiciles.

Version 1.2 [Date of Update: November 12, 2019]

WhatsApp