In compliance with the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties, its Regulations, as well as the Guidelines for the Privacy Policy published in the Official Gazette of the Federation on January 17, 2013, this Privacy Policy (hereinafter the “Policy”) is brought to your attention.
I. DATA CONTROLLER
This privacy policy is part of the website: www.inmersys.com. The Data Controller for this Policy is SISTEMAS INMERSIVOS DIGITALES S. DE R.L. DE C.V. (hereinafter the “Controller” and/or “INMERSYS“), with its address at ENRIQUE REBSAMEN #922, COLONIA NARVARTE PONIENTE, DELEGACIÓN BENITO JUÁREZ, C.P. 03020, CIUDAD DE MÉXICO. The contact email is [email protected].
II. PURPOSES
The purposes for which INMERSYS may request, obtain, store, and/or use Personal Data are the following:
-
To maintain a relationship with users, clients, professionals, or any party interested in the products and/or services offered by the Controller.
-
For statistical and marketing control of the use of the Controller’s products and/or services.
-
To carry out proper quality control and measure the level of contact with our clients through quality evaluation surveys and market studies.
-
To send information, magazines, news, communications, and advertising to clients, members, or users who provide their data and are interested in receiving the information described in this section.
-
To attend to requests for information, products, services, complaints, questions, or comments.
-
To create databases for research and development of products and/or services.
III. METHOD OF OBTAINING PERSONAL DATA
INMERSYS may obtain Personal Data in the following ways:
-
In person: The Controller may obtain Personal Data from its clients or potential clients during interviews about the promotion of its services. The Policy will be made available to the individuals in a printed format.
-
Directly from the data subject: Through the means used by the Controller, such as: electronic, auditory, visual, or any other technology, including the internet.
-
Indirectly: INMERSYS may obtain Personal Data through third parties. In this case, INMERSYS will notify the data subject about the use and purposes of the processing of their Personal Data and will make the Privacy Policy available to them, prior to the use of their Personal Data.
IV. CONSENT FOR THE USE OF PERSONAL DATA
The processing of Personal Data is always subject to the data subject providing their consent expressly, either in writing, orally, through electronic means, any other technology, or by unequivocal signs, or tacitly. Tacit consent is understood when, after the Privacy Policy has been made available to the data subject, they do not express any opposition. By providing their Personal Data to the Controller, the advertiser, subscriber, user, client, and/or member expressly acknowledge and accept this Policy. In both cases, express or tacit consent, the data subject has a period of 5 days to express their opposition to the processing of such Personal Data. If no opposition is expressed, it will be understood that consent has been given.
Consent for the processing of Personal Data will not be necessary when:
-
It is provided for in a law.
-
The data is in publicly accessible sources.
-
The Personal Data is subjected to a prior dissociation procedure.
-
The purpose is to fulfill obligations arising from a legal relationship between the data subject and the Controller.
-
There is an emergency situation that could potentially harm an individual in their person, property, and/or assets.
-
A resolution is issued by a competent authority.
V. REQUESTED PERSONAL DATA AND ITS USE
The Personal Data that INMERSYS may collect includes, among others: names, surnames, addresses, telephone numbers, emails, Federal Taxpayer Registry keys, and names of family members, as well as any other information that the client, user, and/or member provides throughout the contractual relationship they establish. The information is requested for use within the developed VRC application, as within it, being a virtual reality application, users must have at least the following identification data: name, age, and email. The use that INMERSYS will give to the personal data will be solely for the purpose mentioned, without contradicting what is stated in Section II of this agreement.
Cookies Policy
By using our online services, you agree to the use of cookies and similar technologies. We use these tools to improve your experience, analyze site traffic, personalize content and ads, and understand user behavior. We use the following tools for cookie management:
-
Clarity: To understand how users interact with our website through heatmaps and session recordings.
-
Google Analytics: To collect and analyze anonymous data about site traffic and user activity.
-
Hubspot: For marketing management and user experience personalization.
-
Google Tag Manager: To efficiently manage tracking and analytics tags on our site.
VI. DATA STORAGE AND PROTECTION
INMERSYS stores Personal Data for the period of time required to perform the service for which it was collected and for the purpose for which it was requested. INMERSYS has adopted the legally required security measures for the protection of Personal Data. The Controller has additional technical means and measures to prevent the loss, misuse, alteration, unauthorized access, or theft of the user’s Personal Data. It undertakes to inform the data subject if there are breaches of its security measures. The data collection carried out by INMERSYS is in good faith, and it is presumed that the data is truthful, correct, complete, and identifies the data subject who provides it. It is the data subject’s responsibility to ensure that the data they provide meets these characteristics and is updated as necessary. INMERSYS reserves the right to take appropriate actions in case of false data.
VII. TRANSFER OF PERSONAL DATA
INMERSYS may transfer Personal Data in order to maintain a relationship with the data subject regarding the company’s products, services, and research. Based on Articles 36 and 37 of the Federal Law on the Protection of Personal Data Held by Private Parties, Personal Data may be lawfully transferred for the purposes established in this Privacy Policy to:
-
Data processors in the area of client service and studies related to the provision of our products and/or services.
-
Third parties, such as marketing agencies, that partner with INMERSYS to offer its products and services. If the user and/or member does not express their opposition to their Personal Data being transferred, it will be understood that they have given their consent.
VIII. USER RIGHTS (ARCO RIGHTS)
This section details the rights you have over your personal data, in accordance with applicable data protection laws, including, but not limited to, the CCPA/CPRA of California. INMERSYS guarantees the rights of access, rectification, cancellation, and opposition (ARCO rights) to data subjects.
-
Right to Know (Access): You have the right to request and know what personal data we have collected about you.
-
Right to Correct (Rectification): You can request the correction of inaccurate data.
-
Right to Delete (Cancellation): You have the right to request the deletion of your personal data from our records.
-
Right to Opt-Out of Selling or Sharing (Opposition): You have the right to instruct us not to sell or share your personal data with third parties for marketing purposes.
How to exercise these rights: To exercise any of your ARCO rights, you must submit a request to INMERSYS that contains the following requirements:
-
Your name and address or email to communicate the response to your request.
-
Documents that prove your identity, or, where applicable, the legal representation of the person acting on your behalf.
-
A clear and precise description of the Personal Data regarding which you seek to exercise one of the ARCO rights.
-
Any other element or document that facilitates the location of your Personal Data.
-
Clearly specify whether the request is for access, rectification, cancellation, or opposition.
-
The reason for the request and the modifications to be made if the request is for rectification of Personal Data.
The request must be sent to INMERSYS via email at [email protected], postal mail, or in person at the Controller’s offices. The procedure that INMERSYS will adopt upon receiving the request is as follows: it will inform the data subject of the decision adopted within a maximum period of 20 (twenty) calendar days from the date the request was received. If the decision is favorable, it will be made effective within 15 (fifteen) calendar days following the date the decision is communicated.
IX. POLICY UPDATES
The Controller reserves the right to modify this Privacy Policy to adapt it to legislative or jurisprudential developments, as well as to market practices. The changes to this Policy will be announced through its website www.inmersys.com, either by specifying what the changes consist of or by simply showing the latest updated and modified version of this Policy. It is noted that our products and/or services may contain links to websites, links, and applications that use INMERSYS platforms and services of other companies that have their own privacy policies or notices, which we suggest you consult.
X. CONTACT
If you have any questions, comments, or concerns about our privacy policy and/or practices, please send an email to: [email protected].