Supplier Privacy Notice

  1. Identity and Address of the Responsible Party.

In accordance with the provisions of the Federal Law on Protection of Personal Data Held by Private Parties (the "Data Law"), its Regulations, and other applicable provisions, we inform you that Bluecomer, S. de R.L. de C.V. (the "Responsible Party"), with address at Circuito Plaza Esmeralda No. 19 local 205 Col. Rancho Viejo, Municipality of Atizapán de Zaragoza, State of Mexico, C.P. 52930 (the "Contact Address"), will treat your personal data under the terms of this privacy notice.

 

  1. Contact Details of the Responsible Party. 

 

The Responsible Party has designated a personal data manager (the "Privacy Officer"). Should you wish for any information regarding this privacy notice or in relation to the exercise of any of your rights derived from the processing of your personal data, please contact our Privacy Officer by sending an email to the following address: infoblue@bluecomer.com

 

  1. Personal Data to be Processed.

To achieve the purposes contained in this Notice, the Responsible Party may obtain and process the following personal data of the Holder: 

  • Fiscal, patrimonial, and/or financial data,

  • Employment, contact, and/or location data.

  • Identification data,  

  • Location data, 

  • Contact data, 

  • Legal background data. 

 

In certain cases, the Responsible Party also collects the full name and telephone number of references provided by the Holder, for the purpose of being contacted by the Responsible Party and offering the Services. The Holder declares and accepts that they have the consent of those persons whose personal data they provide, on the understanding that said data will be governed by this privacy notice published at www.bluecomer.com.

 

  1. Purposes of the Processing of your Personal Data.

 

Your personal data will be processed for the following purposes:

 

  1. Necessary for the legal relationship with the Responsible Party: 

 

  1. Participate in the evaluation, selection, and recruitment process of Suppliers for the Responsible Party.

  2. Request personal and labor references from you (the "Holder").

  3. Perform internal investigations and procedures that allow us to verify if the prospective supplier meets the requirements established in our internal policies and in the applicable regulations to be a supplier for the Responsible Party. 

  4. Implement internal policies regarding the prevention of operations with resources of illicit origin. 

  5. Likewise, if the prospective supplier is fit to be a supplier for the Responsible Party, we will process your personal data to: 

  • Manage your access to our facilities. 

  • Perform internal and external audits. 

  • Attend to requirements requested by competent authorities that, within their control and specialty, require it through an official information letter. 

  • Attend to legal conflicts promoted before the competent authorities. 

 

  1. Not necessary for the legal relationship between the Responsible Party and the Holder: 

  • Offer you additional opportunities to be a supplier. 

  • For your participation in events organized by the Responsible Party. 

  • To use your image in videos or communications of the Responsible Party. 

  • For statistical purposes of evaluating the Responsible Party. 

  • To give references of you. 

  • To send you additional communications to those necessary for the service provided.  



  1. Means to Exercise ARCO Rights  

 

The Holder may exercise at any time their rights of access, rectification, cancellation, or opposition to the processing we give to their personal data (the "ARCO Rights"). It is important to mention that the exercise of each of these rights is independent of each other, that is, it is not necessary to exhaust one to exercise any of the others.

Each of the rights respectively allows you to:

  1. Access: The Holder may request at any time to know what data of theirs has been collected and is kept by the Responsible Party in its databases, as well as the details of their processing.

  2. Rectification: In the event that any of your data is inaccurate or incomplete, you may request the Responsible Party to correct it in the databases, attaching the documentation that proves said modification.

  3. Cancellation: You may request the cancellation of your data from the databases held by the Responsible Party at any time when you consider that they are not required for the purposes indicated in this privacy notice, are being used for non-consented purposes, or our legal relationship has ended; if the request is appropriate, the data will be blocked and cannot be processed in any way.

  4. Opposition: At any time, the Holder may oppose the Responsible Party processing their data for specific purposes, for example, for sending advertising.

To exercise ARCO Rights, the Holder or their legal representative must prepare the "ARCO Rights Exercise Request" which can be requested at the email infoblue@bluecomer.com and must send it scanned, or present it at the Contact Address, to the attention of the Privacy Officer, for attention and follow-up.

For our Privacy Officer to follow up on your request, you or your legal representative must correctly prove your identity, for which it is necessary to complete all the fields indicated in the ARCO Rights Exercise Request and accompany it with a copy of one of the current official identifications indicated in it.

In the event that the information provided is erroneous or insufficient, or the corresponding accreditation documents are not attached, our Privacy Officer, within five (5) business days following receipt of the request, may require you to provide the elements or documents necessary to process it. You will have ten (10) business days to attend to the requirement, counted from the day following that in which you received it. If no response is given within said period, the corresponding request will be deemed not presented.

Our Privacy Officer will communicate the determination adopted to you within a maximum period of twenty (20) business days from the date the request was received, so that, if appropriate, it becomes effective within fifteen (15) business days after the response is communicated.

In case of exercising your right of access, the Privacy Officer will deliver your data through the email you indicate in the Request for the exercise of the Rights of the holders.

 

  1. Options to Limit the Use or Disclosure of your Personal Data. 

 

You may limit the use or disclosure of your personal data by sending your request to our Privacy Officer at the address: infoblue@bluecomer.com. The requirements to prove your identity, as well as the procedure to attend to your request, will be governed by the same criteria indicated in the previous section. 

If your request is appropriate, our Privacy Officer will register it in the exclusion list owned by the Responsible Party. 

 

  1. Transfers of your Personal Data.

 

We inform you that, to comply with the purposes mentioned in section III above, the Responsible Party may transfer the Holder's personal data without their consent: 

 

  1. To the holding company or to the subsidiaries, affiliates, or member companies of the same group as the Responsible Party.

  2. To third parties that provide services necessary for its operation.

  3. To any authority for the purpose of complying with any applicable law, regulation, or legal provision when the transfer is mandatory. 

  4. In the other cases established by Article 37 of the Data Law.

 

In these cases, we inform you that the Responsible Party, as the party responsible for the personal data, guarantees that this privacy notice will be respected at all times and the necessary measures will be adopted so that the persons who have access to your personal data comply with it, as well as with the principles of personal data protection established in the Data Law.

 

Except in these cases, the Responsible Party will not share or transfer your personal data to third parties with the exception of the cases provided for in the applicable laws, or in the event that the Holder has previously consented to said transfer of their personal data.

 

  1. Use of Cookies and Other Tracking Technologies.

 

We inform you that the Responsible Party does not use cookies or other technologies through which it can collect your personal data without your consent.

 

  1. Security Measures.

 

Your personal data will be protected in accordance with the security, administrative, technical, and physical measures that the Responsible Party has implemented. These measures include policies, procedures, employee training, physical access control, and technical elements related to information access controls.

 

In the event that a security breach occurs at any phase of the processing of your personal data, which significantly affects your patrimonial or moral rights, the Privacy Officer will communicate it to you immediately by email or, if the Responsible Party cannot contact you by email, then it will use traditional mail, so that the Holder can take the necessary measures for the defense of their rights.

 

  1. Changes or Modifications to the Privacy Notice. 

 

The Responsible Party reserves the right to make modifications or updates to this privacy notice at any time, on the understanding that any modification thereto will be made known to the Holder through the visible publication on our website www.bluecomer.com.

 

  1. Consent. 

 

I acknowledge having received this privacy notice and grant my express consent for the processing of my personal data, under the terms of this privacy notice (Refusing the processing of your personal data may result in the impossibility of establishing or continuing the legal relationship with the Responsible Party).





__________________________________

Signature

 

Name____________________________



Date _____________________________