PRIVACY POLICY AND PERSONAL DATA PROTECTION

1. PURPOSE

This Policy outlines the general and specific guidelines for the handling of personal data by Terra Mater Logística Integral en Soluciones Ambientales, S.A. de C.V. (hereinafter “Mater”), located at Calle Sur 77, number 37, Colonia Lorenzo Boturini, Venustiano Carranza Borough, ZIP Code 15820, Mexico City, contact: hello@mater.email.

It ensures the protection of all personal data shared with Mater or its affiliates, including information not strictly necessary but useful to improve services. This Policy upholds the principles of: lawfulness, consent, information, proportionality, quality, and accountability.

2. SCOPE OF APPLICATION

This Policy applies to any natural or legal person involved in Mater’s services. It applies both nationally and internationally, especially in data transfers to third parties, and remains effective even after the data subject is no longer related to Mater.

3. PRINCIPLES OF PERSONAL DATA PROCESSING

According to Article 6 of the Mexican Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP):

A) Lawfulness

Personal data is collected and processed lawfully under applicable regulations.

B) Consent

All processing is subject to the express consent of the data subject (verbal, written, digital, or unequivocal signs).

C) Information

Mater must clearly inform the data subject about:

  1. Specific processing purposes
  2. Transfers to third parties
  3. Importance of accurate data
  4. Duty to notify changes
  5. Consequences of refusal to provide data
  6. Right to access, rectify, or delete data
  7. Right to object

Data subjects may request corrections or deletions of inaccurate or excessive data, providing evidence when applicable.

D) Quality

Data must be necessary, accurate, and relevant. Mater’s Data Protection Officer (DPO) must ensure the Privacy Notice is followed.

E) Purpose

The DPO must inform users of data collected and its purposes through the Privacy Notice.

F) Fairness

Mater must protect data against unauthorized use and avoid deceptive collection practices. Reasonable privacy expectations must be respected.

G) Proportionality

In case of a data breach that significantly affects a subject’s rights, the subject must be immediately informed.

H) Accountability

All parties involved must maintain data confidentiality—even after the business relationship ends.

4. CONFIDENTIALITY

Mater must keep personal data confidential at all times—even if the person is no longer a client or related party.

5. REQUESTS

If a data subject believes their data was mishandled, they may contact hello@mater.email. Requests must comply with Articles 22–30 of the LFPDPPP and can be submitted by the subject or a legal representative.

6. RESPONSE TO REQUESTS

Mater must:

  • Log each request and response
  • Reply within 20 business days
  • Implement actions within 15 business days of response

7. AUTHORIZED STAFF

Mater will define which employees may access personal data and ensure they are bound to confidentiality and security standards.

8. DATA TRANSFER

Data may be transferred only under the following circumstances:

  • To offer services to clients
  • For marketing or specific service development
  • To comply with legal or health authority requests

Mater will always inform the subject of how and why their data is transferred. The third party will assume the same responsibilities as Mater.

9. DATA DELETION

Mater must delete personal data 30 days after the individual is no longer a person of interest.

10. ARCO RIGHTS

Data subjects may exercise their Access, Rectification, Cancellation, or Opposition (ARCO) rights by submitting:

  • Name and contact information
  • Proof of identity or representation
  • Description of the data and requested action
  • Supporting documents (if needed)

Mater will provide forms and simplified processes to support the exercise of these rights.

PREVENTION AND CONTINGENCY MEASURES

If a breach is detected, Mater will:

  1. a) Investigate the cause and parties involved
    b) Modify database access credentials
    c) Apply corrective and disciplinary measures
    d) Provide retraining on data protection compliance

Data Protection Department
Phone: +52 55 4363 8576
Email: hello@mater.email
Last Updated: 06.04.2025.