This Privacy Notice is addressed to the holders of personal data in possession of TENSA CONSTRUCCIONES, S.A.P.I. DE C.V.

Your privacy and your trust are important to our company. Consequently, we hereby intend to ensure that you are fully informed of how our company guarantees the integrity, privacy and protection of your personal data in compliance with article 16 of the Constitution, the Federal Law for the Protection of Personal Data in the possession of Private Persons, published in the Official Gazette of the Federation on July 5, 2010, with its bylaws and regulations, published in the Official Gazette of the Federation on December 21, 2011, as well as with the guidelines for Privacy Notices published in the Official Gazette of the Federation on January 17, 2013 (hereinafter referred to as the Law), by issuing the following Privacy Notice:

I. Identification of the Party Responsible for processing collected personal data.
TENSA CONSTRUCCIONES, S.A.P.I. DE C.V., which will hereafter be referred to as “THE COMPANY”, and whose offices are located on 158 Juan Palomar Arias Avenue, in the Jardines Vallarta District, Municipality of Zapopan, Jalisco. Postal Code 45027, hereby informs all persons whose personal data may have come in contact or been collected by “THE COMPANY” of the process it will follow to handle those personal data, which will be used solely for the purposes described below.

II. Personal Data.
The personal data that will be collected and processed by “THE COMPANY”, which consist of personal information about the dataholder, may include but will not be limited to: their full name, address, proof of address, telephone number(s), e-mail address, other identification data, fiscal information, bank account number, bank e-transfer number, and other data that may be deemed strictly necessary for the purposes described below, as well as other non-written information contained in electronic files, such as their likeness and their voice.
At the same time, we hereby inform all personal dataholders that, for security reasons, all persons entering the offices and facilities of “THE COMPANY” may be recorded on video by our security cameras.
The images recorded by our closed-circuit cameras will be used for our customers and visitors’ security in order to conduct remote monitoring of the premises and assess and confirm any risk situation in real time.

III. Purposes of Personal Data collection and processing.
“THE COMPANY” will collect all personal data that it deems necessary for the creation of a customer’s file, for the delivery of estimates and financial proposals related to requested services, for the collection and review of personal data required for the preparation of contracts, invoicing and follow up on debt collection, for the convening of work meetings and delivery of documentary supports, reconciliations and authorizations of estimates, and, in general, for carrying out all the necessary actions to provide our customers with the personal service they require.
All these personal data will be kept under strict confidentiality and will not be used for purposes other than those described above, unless there is an update or change in this Privacy Notice.

IV. Personal Data Collection.
“THE COMPANY” will collect personal data in strict compliance with the principles established by the Law, such as legality, consent, information, quality, finality, loyalty, proportionality and responsibility.

Personal data will be collected directly from their holder, or through our website.

V. Options and means to limit the use or disclosure of personal data.
“THE COMPANY” has implemented all necessary security, administrative, technical and physical measures to protect all personal data against damage, loss, tampering, destruction and/or unauthorized access, handling or use.

All personal data will be safeguarded in a database owned by “THE COMPANY” and housed in computers equipped with all necessary security measures to prevent information leaks. Additionally, “THE COMPANY” will use physical and logical access controls as well as antivirus protective software and regular inspection and maintenance visits by specialized technicians in order to preserve and improve data security in “THE COMPANY’s” information systems.

The information security tools described in the previous section are bolstered by strict internal policies that train all sensitive employees in the security considerations that have to be taken into account when using a system that collects sensitive information from the public, and these policies are constantly reinforced. Nevertheless, all personal dataholders should be aware that no measure or system of measures is 100% secure. In view of this, in case there is a breach of the security measures implemented by “THE COMPANY”, a theft or loss of information, computers or other equipment containing this information, “THE COMPANY” commits itself to immediately inform all personal dataholders of any breach that significantly affects their property rights, so that they can take all necessary actions in defense of such rights.

In view of the former, hereby we inform all personal dataholders of the options they have if they wish to place a restriction on the use or disclosure of the personal information that is discussed in this Notice:

a) In writing, by sending a letter to the Personal Data Protection Department (at the address indicated in section VI below); or a message conveyed by electronic mail directed to any of the following addresses: diana.ramos@tensa.mx, claudia.rodriguez@tensa.mx, lidia.ibarra@tensa.mx.
b) By telephone interview with the staff of the Personal Data Protection Department at phone number (33) 3151 1910.

VI. Personal Data Protection Department.
The Personal Data Protection Department at “THE COMPANY” will be staffed by DIANA RAMOS ALTAMIRANO /CLAUDIA CATALINA RODRIGUEZ GASPAR / MARIA LIDIA IBARRA TORRES, with address on 158 Juan Palomar Arias Avenue, in the Jardines Vallarta District, Municipality of Zapopan, Jalisco. Postal Code 45027, with the following service schedule: Monday through Friday from 9:00 to 14:00 hours, with the following e-mail addresses: diana.ramos@tensa.mx, claudia.rodriguez@tensa.mx, lidia.ibarra@tensa.mx, phone (33) 3151 1910.

VII. Means by which personal dataholders can exercise their access, rectification, cancellation and objection rights in conformity with the provisions of the Law.
Personal dataholders can exercise their ARCO (access, rectification, cancellation and/or opposition) rights by directly contacting the Personal Data Protection Department by electronic mail at the following addresses: diana.ramos@tensa.mx, claudia.rodriguez@tensa.mx, lidia.ibarra@tensa.mx, and making a formal request.
Such request must contain the information and include the required documentation in conformity with the provisions of article 29 of the Law, such as:

• The name and address of the personal dataholder or other means by which we can convey our official reply to their request.
• Documents by which the personal dataholder’s identity or legal representation can be verified.
• A clear and precise description of the personal information on which the personal dataholder wishes to exercise one the rights previously described.
• Any other data or documents that can facilitate the location of the personal data, as well as any other document required by standing legislation at the time of filing the personal dataholder’s request.

“THE COMPANY” will not be required to cancel those personal data that meet the circumstances and provisions established by Law, among which are the following: that those personal data identify one or more parties to a social, management or private contract and are necessary to the drawing and fulfilment of such contract; that those data are required by standing legislation; that the cancellation of those data will hinder judicial or administrative actions linked to fiscal obligations, criminal investigations or prosecutions, or restatement of administrative sanctions; that those data are necessary to protect the personal dataholder’s legally protected rights; that those data are necessary to carry out actions in the public interest; that those data are necessary to fulfil a legally contracted obligation by the personal dataholder, and, that the processing of those data is necessary to carry out actions related to medical preventive care or medical diagnosis or the procurement of medical services, provided that such actions are carried out by a medical professional who is subject to a duty of secrecy.

For more information on how to exercise their access, rectification, cancellation and/or opposition rights, personal dataholders can direct their inquiries to the staff in charge of Personal Data processing whose contact data are contained in section VI of this Privacy Notice.

VIII. Data Sharing with third parties.
Through this Privacy Notice, “THE COMPANY” informs all personal dataholders that it may share personal dataholder’s information to third parties for purposes that are strictly necessary for the fulfilment of the contract relationship that links it to that personal dataholder. These third parties may include but not be limited to the following:

● External consultants: contract reviews
● Package delivery services: document shipments
● Insurance companies: issuance of construction site insurance policies
● Bonding companies: issuance of construction site bonds
● Social security: registration of construction projects for worker insurance purposes
● Subcontractors: preparation of contracts

Additionally, personal dataholders’ information will be shared with third parties:
● When it is formally required by any national or international authority, provided it is under strict compliance with the provisions of Mexican legislation in the ways and by the means established by the current Law.

In all cases, “THE COMPANY” will disclose the contents of this Privacy Notice to all third parties, who will be bound to safeguard, use and process all personal dataholders’ information in strict compliance with the terms of this Privacy Notice.

If a personal dataholder does not clearly manifest their opposition to the sharing of their personal information, we will understand and assume that their consent has been given.

IX. Withdrawal of Consent.
All personal dataholders can at any moment withdraw their consent to the use and processing of their personal information. To that effect, they must send a written request stating their decision to the Personal Data Protection Department. This request may either be physically mailed or shipped to the Department’s address or electronically conveyed at the e-mail addresses indicated in section VI of this Privacy Notice.

We will analyze the personal dataholder’s request in order to determine whether it is appropriate and applicable within a period of no more than 20 working days after reception of such request. If such is the case, the requested change will come into effect within 15 working days of the date that the personal dataholder receives our official reply at the e-mail address they have designated for that purpose.

X. Consent of the Personal Dataholder.
I hereby consent to the collection, use and processing of my personal data in compliance with the terms and provisions of this Privacy Notice.

XI. Changes to this Privacy Notice.
This Privacy Notice may be changed, modified or updated as a result of new legal requirements, changes in our own needs derived from the services we render, changes in our privacy policies, changes in our business model or other causes.
We hereby commit ourselves to keep all personal dataholders informed of any changes to this Privacy Notice at the website https://tensa.mx/en/privacy-notice or by specific request addressed to the following e-mail addresses: diana.ramos@tensa.mx, claudia.rodriguez@tensa.mx, lidia.ibarra@tensa.mx

Date of the latest update to this Privacy Notice:
December 04, 2019.