ROOKERIES DEVELOPMENT, VARIABLE CAPITAL LIMITED LIABILITY COMPANY, (hereinafter referred to as the “Controller”), based on articles 15, 16, 17 and other related and applicable provisions of the Federal Law on the Protection of Personal Data Held by Private Individuals, (hereinafter, the "Law"), makes this Privacy Notice available to you, on account of the personal data that it intends to collect from you:
I. General Provisions
For the purposes of this Privacy Notice, these terms have the following meanings:
a. ARCO: Acronym that stands for Access, Rectification, Cancellation and Opposition.
b. Privacy Notice: Physical, electronic or any other format document generated by the Controller that is made available to the owner, prior to the processing of their personal data.
c. Consent: Manifestation of the data owner’s will, by virtue of which said data are processed.
d. Personal Data: Any information concerning an identified or identifiable natural person.
e. Sensitive Data: Any personal data that affects the most intimate sphere of its owner’s life, or the misuse of which may give rise to discrimination or entail a serious risk thereof. In particular, sensitive data includes any data that may reveal aspects such as racial or ethnic origin, present and future health status, genetic information, religious, philosophical and moral beliefs, union affiliation, political opinions, and sexual preference.
f. ARCO Rights: Set of rights that guarantees an individual the power to access, rectify, cancel or oppose the processing of their personal data.
g. Exclusion List: Database intended to register, free of charge, the refusal of any owner to the processing of their personal data.
h. Controller: Private legal entity that decides on the processing of personal data.
i. Owner: Natural person to whom the personal data corresponds.
II. Identity and address of the Controller.
The Controller is a Variable Capital Limited Liability Company, duly organized and validly existing in accordance with the laws of the United Mexican States, which is evidenced with Document Number One Hundred and Twenty-Four, from Book One on the Registry, dated February 2, 2018, granted before Mr. Julio Javier Zenteno Delgado, Notary Public Number 04 practicing in the State of Colima.
For the purposes of this Privacy Notice, the Controller states that its address is the one located at Calle Higuera, Numero Exterior 45, Numero Interior 7, San Nicolas Totolapan, La Magdalena Contreras, Ciudad de Mexico, Codigo Postal 10900.
Additionally, the Controller states that, for the purpose of contacting them, you should reach out to the Personal Data Protection Area at the following e-mail address: firstname.lastname@example.org
III. Collection and processing of personal data.
We hereby inform you that the Controller will obtain your personal data through the following channels:
1. In person: When you come to our facilities and when our executives go to your home or facilities, in order to provide information regarding a request or the process to follow to make use of our services, or when you hire our services and we go to your home in order to install any equipment necessary for the provision of our service.
2. Directly: When you provide us with your personal data to request or hire our services, including the pre-evaluation and evaluation of your request, participate in promotions, offers, raffles, programs, either through our website, our application, by telephone, or through your computer, in the cloud or by any other technological means.
3. Indirectly: From any other documentary or information source commercially available or permitted by law, and when provided by another Owner, a reference or a referral, for the provision of the hired service. This information will be considered complete and correct unless the Owner states otherwise or submits a request to update the data.
The categories of personal data to be collected and subject to processing are:
a) Identification and contact data, including a photo of the Owner of the personal data.
b) Property data.
c) Financial data.
d) Academic data.
e) Employment data.
f) Migration data.
The categories of sensitive data to be collected and subject to processing are:
a) Health status.
b) Physical characteristics and conditions.
c) Personal features.
d) Origin data.
e) Data regarding minors.
f) Biometric data, consisting of fingerprints, in order to record and determine identity.
All the information we receive is provided voluntarily by our users and without any form of coercion.
Once the personal data of third parties, referrals and clients, are provided by you to the Controller for the fulfillment of the identified purposes, you must inform said third parties about the transfer and purpose of their personal data.
The Owner's personal data will be kept strictly confidential, in accordance with the administrative, technical and physical security measures that the Controller implements in its security policies and procedures.
If necessary, the Controller may carry out the investigations and actions it deems necessary, in order to verify by itself, or through third parties hired for this purpose, the veracity of the data provided to them.
For its part, the Owner states that their data are accurate, true and complete and they are the responsibility of the Owner who provides them, and therefore they release the Controller from any responsibility related thereto.
IV. Purpose of the processing of personal data.
The Controller requests the Owner’s personal data in order to:
1. Corroborate your identity and the veracity of the information provided.
2. Open, maintain, manage and track user accounts or registrations.
3. Enter into contracts, purchase orders or any requisition for the acquisition of goods or services, (including, without limitation, telephone and internet sales services), as well as for the processing, delivery, issuance of tax receipts (invoices, credit notes, debit notes, etc.).
4. Deliver your products at your facilities and/or home, and/or provide the acquired services.
5. Provide heart rate, exercise intensity and calorie burn measurements in real time when the Owner contracts this service.
6. Inform and/or contact you by any optical, sound, technological or physical means (WhatsApp, SMS, telephone, email, messaging, among others), regarding the status of your purchases and/or delivery of your products or services;
7. Install and/or assemble your products.
8. The return and/or exchange of products.
9. Compliance with fiscal or other obligations before federal, state or municipal authorities, including, without limitation, statements, account statements and audit circulations.
10. Provide services and assistance to users.
11. Improve our website and application by taking into account user preferences.
12. Respond to your questions, requests, comments or suggestions.
13. Better understand your needs and how we can improve our products and services.
14. Integrate files, databases and systems necessary to carry out the provision of our service.
15. Assign or dispose of our rights derived from the contracts that have been executed and/or from the debt securities that have been signed.
16. Provide the Controller with information related to the contracts that have been executed.
17. Carry out the search and location of the Owner, through any means permitted by law, in the event that contact has been lost and our legal relationship is still in force.
18. Address any judicial requirements from the competent authorities.
19. Send you our promotions through various channels.
20. Invite you to participate in raffles, giveaways and contests.
21. Advertise on social networks, communication and information media, newspapers and magazines.
22. Carry out satisfaction surveys to assess the quality of our products and services.
23. Offer you any of our services and products.
24. Marketing, commercial prospecting and statistical and historical purposes.
For minors, the processing of their personal data will be understood as agreed to, under the terms consented by their guardian, until the Owner states otherwise.
The Controller will keep your personal data during the validity of the contractual relationship or in accordance with the provisions of the applicable laws.
Through this Privacy Notice, the Controller guarantees the Owners’ right to express their refusal to the processing of their personal data in relation to the aforementioned purposes and those that the Owner considers are not necessary for the legal relationship, for which the Owner must inform the Controller about their refusal when the Controller makes this Privacy Notice available to them. This, with the understanding that the express consent granted by the Owner when this Privacy Notice is delivered to them signals their agreement therewith, without any prejudice to their right to revoke said previously granted consent or to exercise their right to oppose the processing of their data in terms of the applicable provisions; rights that in any case shall be guaranteed by the Controller.
In case you do not want your personal data to be processed for the aforementioned purposes, you can submit your Opposition Request right now by sending an e-mail to email@example.com
V. Means for the exercise of the Rights of Access, Rectification, Cancellation or Opposition (ARCO).
The Owner shall be responsible for the accuracy, veracity, truthfulness and validity of their data. The Owner has the right to (i) access any personal data that was collected, (ii) rectify their data, if they are inaccurate or incomplete, (iii) cancel their data when, in their opinion, they are not necessary for any of the purposes indicated in this Privacy Notice and it is legally appropriate, and (iv) oppose the processing of said data, in terms of the Law and the applicable provisions on the matter.
The Owner or their duly accredited legal representative in terms of the applicable common legislation can exercise their ARCO rights by going to the Controller's offices with their current official ID, where our personnel will offer them assistance and capture the request in electronic format; or by submitting their request to the e-mail address “firstname.lastname@example.org”, in order to start the procedure described in section VIII of this privacy notice.
In case of any legal or natural incapacity, such as in the case of minors or disabled people under the legal guardianship of a third party, they may exercise their rights of Access, Rectification, Cancellation or Opposition under the terms described above, through their legal guardian, upon proper identification and accreditation of those who present themselves as such.
The Controller hereby informs that they may deny access to personal data, or refuse a request for rectification, cancellation or opposition to their processing, in the following cases:
a. When the requesting party is not the Owner of the personal data, or the legal representative is not duly accredited for this.
b. When the requesting party's personal data are not found in the Controller’s database.
c. When the rights of any third party are violated.
d. When there is a legal impediment, or a resolution from a competent authority, that restricts access to personal data, or does not allow their rectification, cancellation or opposition.
e. When the rectification, cancellation or opposition has been previously carried out.
VI. Revocation of consent
The Owner, or their legal representative, can revoke the consent that they have granted for the processing of their personal data. In order to revoke their consent, the Owner must submit a "Request for Revocation of Consent", which can be obtained at our offices by presenting their current official ID, and on our website www.rookmotion.com. In order to oppose the processing of your personal data, when there is a legitimate cause and your specific situation requires it; the request will be serviced by the person in charge of the Controller's Personal Data Protection Area, in accordance with the procedure described in section VIII of this Privacy Notice.
Any customer or non-customer can revoke their consent to the treatment of their personal data for secondary purposes of marketing, promotion, advertising and/or commercial prospecting, through the "Request for Revocation of Consent" which can be obtained in our offices or through our website.
In the event that your Request is appropriate, the person in charge of the Controller's Personal Data Protection Area will register it in the Controller's internal exclusion list, and the processing of your personal data will stop.
It is very important that you take into account that we may not be able to service your request or end the use of your data immediately in all cases, since it is possible that we may require to continue processing your personal data due to a legal obligation on our part. Additionally, you must consider that, for certain purposes, the revocation of your consent implies that we cannot continue to provide the service you requested. Likewise, in all cases, the revocation of consent will not have retroactive effects with regard to the obligations undertaken through a contract executed between the Owner and the Controller.
VII. Options and means offered by the Controller to limit the use or disclosure of personal data.
In order to limit the use or disclosure of the Owner's personal data, the Controller safeguards them in physical files and computer programs provided with passwords that have high security specifications, which may only be accessed by people who, due to their duties, are granted powers to do so, and who have previously entered into a confidentiality agreement.
For the processing of personal data, the Controller uses the same security measures as those applied to its own confidential information.
Additionally, the Controller has implemented internal policies and processes through which personal data are disclosed only to authorized personnel, who have been instructed in the handling, processing and final disposal of copies or reproductions of documents that contain personal data and that are unnecessary to integrate the file. Said workers are also prohibited from removing from the offices of the Controller any documentation containing personal data.
Likewise, the Controller enters into confidentiality agreements with their personnel, whereby they inform said personnel that any personal data that they may access in the exercise of their duties are considered confidential information and, therefore, in the event of their disclosure, they shall become subject to the payment of damages, as well as any applicable criminal penalties.
You can limit the use and/or disclosure of your personal data through the "Request to Limit the Use and/or Disclosure of Personal Data" that is available at our offices. The procedure to service said request shall be governed by the criteria indicated in section VIII of this Privacy Notice.
Likewise, you may register in the Public Registry to Avoid Publicity (REPEP, for its initials in Spanish) from the Federal Consumer Protection Office, by accessing the following link: http://repep.profeco.gob.mx/.
VIII. Procedure to exercise the Rights of Access, Rectification, Cancellation or Opposition (ARCO); to revoke consent and to limit the use or disclosure of personal data.
In order for the person in charge of the Controller’s Personal Data Protection Area to be able to service your request to exercise your Rights of Access, Rectification, Cancellation or Opposition (ARCO); revoke consent and/or limit the use or disclosure of your personal data, you must submit the corresponding request, which must be duly filled out and accompanied by a simple copy of any of the official ID’s described in said request.
Following this, the person in charge of the Controller’s Personal Data Protection Area shall proceed to examine the request, and in the event that the information is erroneous or incomplete, or the request lacks the document that accredits the personality of the Owner or their legal representative, they may require, within a period not exceeding five business days, the information or documents necessary to process your request. The Owner, or their legal representative, shall have ten business days to correct the request, with the understanding that, if it is not corrected, the request shall be considered as not submitted.
Once the request has been submitted, the person in charge of the Controller's Personal Data Protection Area shall notify the Owner of the decision made regarding said request, within a period of no more than twenty business days from the date on which said request was received, so that, if applicable, it may become effective within fifteen business days after the date on which the response is communicated.
The decision regarding the request shall be notified to the Owner using the e-mail address specified in said request, without prejudice to the Owner being able to come to our offices and request it in writing.
IX. Transfer of personal data by the Controller.
The Controller retains personal data for the period of time provided by the legal provisions, and only shares and/or transfers said personal data, within and outside the country and without the need for authorization from the Owner, in the cases permitted by Mexican laws, as well as:
a. To its subsidiary or affiliated companies, and/or any company that is part of the business group to which the Controller belongs or may belong in the future, and that operates under the same privacy policies and processes.
b. When the Owner hires another product and/or service through the Controller.
c. When we assign and/or dispose of our past due loan portfolio.
d. To make payment requests through collection offices.
e. When the Controller pledges their rights derived from the contracts executed.
f. For consultation and verification of the data and information provided by the Owner.
g. To third parties that provide auditing services to the Controller.
h. To credit information companies.
i. In the cases indicated in article 37 of the Law.
j. By virtue of a written order from a competent authority, which supports and motivates the legal cause of the procedure.
k. When so required by legal provision.
Other than in the aforementioned cases, your data will not be transferred to any third parties without your express consent.
All authorized third parties to whom the Personal Data are transferred know the scope of this Notice and assume the same obligations as the Controller, in accordance herewith and with the applicable regulations.
X. Notification of changes/updates to the privacy notice.
This Privacy Notice may be modified and/or updated at any time by the Controller, in compliance with any legislative or jurisprudential reforms, internal policies, or new requirements, with the updated version being the one published on our website www.rookmotion.com, which shall be the applicable version at all times.
In the event that the Controller changes their identity, requires the collection of additional personal data regarding the Owner’s property or finances, changes the purposes for the collection of personal data, or modifies the conditions of the transfers that may be made under the provisions of this Privacy Notice, a new privacy notice shall be made available to the Owners of the data, using the e-mail address provided by the Owner to the Controller, or through the Controller's website.
Please note that the Controller's websites do not use or save cookies to obtain personally identifiable information from the Owner's computer that was not originally sent as part of the cookie.
Although most browsers accept "cookies", the Owner can configure their browser to not accept them.