ASERTA, its ENTITIES: AFIANZADORA ASERTA S.A. de C.V., ASERTA, AFIANZADORA INSURGENTES, S.A. de C.V., GRUPO FINANCIERO FINANCIERO, with domiciles at Periférico Sur 4829, 8th and 9th floors, Col. Parques del Pedregal, C.P. 14010, Delegación Tlalpan, Mexico City, Federal District; SERVICIOS DE ALIMENTOS A EJECUTIVOS, S.A. de C.V. AND/OR HACIENDA DE SAN FERNANDO with domicile at Av. San Fernando No. 106, Col. Tlalpan, Del. Tlalpan C.P. 1400 and associated COMPANIES such as Campero y Monroy, S.C. with domiciles at Periférico Sur 4829, 8th and 9th floors, Col. Parques del Pedregal, C.P. 14010, Delegación Tlalpan, Mexico City, Federal District, all hereinafter referred to later on as the ENTITIES are responsible for gathering your personal data, the use made of same and its protection, hereinafter, treatment of personal data.

HOW TO CONTACT US:
Privacy Office ASERTA: Address: Periférico Sur 4829, 8th and 9th floors, Col. Parques del Pedregal, C.P. 14010, Delegación Tlalpan, Mexico City, Federal District.
E-mail:  oficinadeprivacidad@aserta.com.mx.
Phone: 5447-3800 and 5447-3900 Ext. 3825 and 3863

WHY DO WE COLLECT AND USE YOUR PERSONAL DATA?
USE OF THE INFORMATION SOLICITED:

You personal data are used for the following purposes:

1. To provide the products and services requested.
2. To inform you about changes to same
3. To comply with the obligations taken on with you through agreements and/or covenants
4. To comply with the legal obligation of identifying the individuals and legal entities with which the ENTITIES and their associated companies transact and enter into contracts in accordance with the provisions of the Federal Bond Institutions Law and/or identification for the provision of services contracted by the ENTITIES and/or companies associated with them.
5. Execute the agreements and contracts entered into by the ENTITIES possessing the personal data and the third parties with which the former have signed accords, agreements and contracts for the provision of services in their name, such as legal services, including the communication, transmission and/or transfer of personal data in order to comply with the purposes contracted on behalf of the ENTITIES.
6. Conservation and/or integration and/or consultation of personal data in identification files by any of the Entities that make up Aserta
7. To provide information services that are related to what you contracted or acquired, including those of a social, recreational, sports, educational, cultural, promotional nature and/or offer new services and products
8. To evaluate the quality of the services we provide
9. For statistical purposes

WHAT PERSONAL DATA DO WE OBTAIN AND FROM WHERE?
COLLECTING INFORMATION AND PERSONAL DATA

For the purposes indicated in this Privacy Notification, we gather your information in various ways directly from you when you provide such information directly, when you visit one of our websites, when you use our online services or when you are required to authenticate your identity in order to interact by performing transactions in some of the ENTITIES™ portals or systems and/or when we obtain information from other sources permitted by law. The kind of data we collect on you may be consulted in the applicable legal provisions that oblige the ENTITIES to integrate the individual™s or legal entity™s identification files with whom the contract and/or operation is signed.

Not all the contracts are published in the ENTITIES™ websites portals; consequently, you should contact the email indicated to request further information regarding any specific contract.
Please bear in mind that the services may only be contract by people over the age of 18.

The information collected may be combined to know it better and develop the contact strategies that allow us to be closer.

Some of the personal data to be collected are the contents of diverse contracting instruments used by the ENTITIES, such as:
Those necessary for IDENTIFICATION, like your name, fax number, phone number, address, email, signature, Federal Tax Registration (RFC), Population Registration Code (CURP), nationality, personal cell phone number, etc.
WORK data for which an institutional email and work phone number will be requested.
NET WORTH DATA, such as bank accounts, bank transfer information (CLABE) for possible reimbursements for services not provided and/or cancelled.
Other purposes include the legal justification of the personal data necessary to identify third parties and their legal representatives with whom the ENTITIES enter an operation, contract, agreement or covenant that may be located in the Resolution for which the general provisions referred in article 112 of the Federal Bond Institutions Law were issued and published by the Treasury Ministry in the Federal Government Gazette on May 14, 2004.

Please bear in mind that some of the ENTITIES™ portals and websites may invite you to upload personal information generated by you as a user for publication in specific sections like letters and/or photos and/or bulletins and/or newsletters. This information becomes public domain over which the ENTITIES have no control and cannot prevent a possible breach of this privacy notification.

NET WORTH PERSONAL DATA:
We inform you that in order to comply with the some of the purposes established in this privacy notification, some of you personal data, including information about your net worth, will be collected and processed. We guarantee that the data will be treated with the strictest security measures in order to ensure their confidentiality.
In accordance with what is established in articles 8 (eight) and 10 (ten) of the Federal Law for the Protection of Personal Data Held by Private Parties, you will be told that these data are requested in order to comply with the obligations derived from the legal relationship between the holder and the person in charge appointed in the service providing and products agreements applied for, such as a possible reimbursement for services not used and express consent requirements to handle your net worth data, which is why we ask you whether you accept the processing or not:

I give permission for my personal data to be transferred in terms of this privacy notification

HOW CAN YOU LIMIT THE USE OR DISCLOSURE OF YOUR PERSONAL DATA?
When the use of your personal data does not refer to the data needed to comply with a legal or contractual obligation (compliance with legal obligations derived from the legal relationship between the holder and person responsible), you may ask not to receive messages by any means by sending an email to the address given at the beginning of this Privacy Notification.

DATA TRANSFER AND/OR TRANSMISSION AND/OR USE YOUR DATA MAY TRAVEL TO OTHER COUNTRIES OR BE SHARED WITH OTHERS
Your personal data may be transferred or communicated (transmitted) to persons other than the ENTITIES, to third parties domiciled in Mexico with whom the ENTITIES have signed agreements, contracts and covenants to provide various services in the name of such, including all the consequences derived from these legal relationships.
Your information may therefore be shared with companies that make Aserta, with Campero y Monroy, S.C. as the company providing legal services for the ENTITIES when they, individuals and legal entities, are associated with the operation of the ENTITIES to provide the services contracted in our name, as well as those cases in which there is a legal mandate and/or in those where the applicable laws oblige the transfer and/or transmission at the expense of the ENTITIES.
We therefore undertake not to transfer your personal information to third parties without your consent, with the exception of the provisions in article 37 of the Federal Law for the Protection of Data Held by Individuals, and make the transfers under terms established by this law.

Consequently, with the provisos of the cases mentioned above, if you do not express opposition to having your data transferred, it will be understood that you have given consent for such.

These third parties undertake with the ENTITIES to comply with the same privacy policy, which means you can be reassured that your personal data will always be protected and treated in accordance with what is established in the applicable legislation.

We share some of your data depending on the service contracted, however, only strictly necessary information will be provided to these third parties, establishing that they undertake to protect this information and not to use it for purposes other than those solicited.
Likewise, we may share your information for statistical purposes such as user or visitor number to the websites property of Aserta and/or its ENTITIES without including data that make you identifiable.

I give permission for my personal data to be transferred under the terms of this privacy notification;

SECURITY
The privacy of the data collected is guaranteed because, in addition to the legal obligations concerning confidentiality set forth in the special applicable laws, the information forwarded to the ENTITIES through their websites is transmitted to them through a secure session over links with VPN (Virtual Private Network), encrypted channel between your computer and the ENTITIES' systems; communication is therefore only visible between the ENTITIES' server and the USER's equipment. Likewise, the information physically furnished to the ENTITIES is only visible for the persons who require this information to perform their duties while following the institutional confidentiality and privacy policies established by the ENTITIES.

Cookies are text files that are automatically downloaded and stored in the hard drive of the user™s computer equipment when navigating a specific website that enables the Internet server to remember certain data on the user, including his or her preferences for the visualization of the server™s website, name and password.
Web beacons, however, are images inserted in the Internet page or email that may be used to monitor a visitor™s behavior and to store information on the user™s IP address, length of interaction time on such page and the type of navigator used, among other factors.
Please note we do not use cookies or web beacons to obtain your passwords or personal information, such as:

1. Type of navigator and operating system
2. Pages visited in the portal
3. Concurrence of links inside the portal
4. Time when the portal is left

These cookies and other technologies must be disabled. In order to do this, check the following link or electronic address http://windows.microsoft.com/es-ES/windows-vista/Block-or-allow-cookies

We use statistic scripts that monitor page events and the portal page links, but there is no user – event association. These scripts may be disabled by using the following link http://uaoc.org/es/usuarios/setup_browser.html

INFORMATION QUALITY
The ENTITIES declare that the information collected is promptly, accurately and completely processed and that reasonable and necessary measures have been taken to protect the persona data against the loss, damage, alteration, destruction or unauthorized use, access or treatment of personal data. Regardless of the above, the ENTITIES shall notify the holder as soon as possible of such data at the physical and/or electronic address that has been determined for such purpose, in the event of a violation of these security measures, provided that they have a significant impact on the holder™s asset and moral rights so that said holder may take the corresponding steps to defend his or her rights.
The ENTITIES will store and conserve such information based on temporary or definitive data for the time necessary to comply with their contractual and legal obligations, and also to comply with the agreements and/or contracts signed with third parties with whom there are accords, contracts and agreements to provide various services on their behalf provided there is no legal order or ruling to the contrary.
Please bear in mind that various laws are applicable to the services contracted with the ENTITIES; consequently, the personal data conservation periods will be subject to the regulations established in various fields, such as the Federal Consumer Protection Law, the Federal Bond Institutions Law and in tax, commercial, business and e-commerce legislation and any other provision that may be applicable.

HOW CAN YOU ACCESS YOUR PERSONAL DATA OR CANCEL OR OBJECTION TO THEIR USE?
THE DATA HOLDER™S RIGHTS CONCERNING YOUR INFORMATION
You can access your personal data in our possession and their treatment in order to see, update and correct them if that are inaccurate or incomplete or exercise any of your rights related to your personal information held by the ENTITIES under the terms of the rights in the Federal Law for the Protection of Personal Data Held by Private Parties as regards access, correction, cancellation and refusal, when you believe that they are not required for any of the purposes indicated in this notification or that they are being used for unauthorized purposes, the contractual relationship and legal conservation periods set forth in law have terminated, the legal or contractual prescription terms have expired or when you deem it necessary to oppose the use of same for specific purposes by sending an email wiht the Form ARCO to the address provided in the Privacy Notification.
You request must contain the Form ARCO and the following information: Name of Holder or name of contracting party, date of event contracted and/or kind of event contracted, fixed and/or mobile/cell phone number, email.

In accordance with article 32 in the law in question, the periods to attend to the application are as follows:
The person in charge will inform the holder within a period of twenty days counted from the date of receipt of the application to gain access, rectify, cancel or oppose the ruling adopted so as to then, if applicable, implement such within two weeks after the date of informing the response. In the case of applications to access personal data, access will be give with prior confirmation of the applicant™s or the Legal Representative™s identity, as applicable.

REVOKING CONSENT
You may at any time inform the ENTITIES of your decision to revoke the consent given for the treatment of your personal data that so we may stop using them, provided the consent to be revoked does not arise from a legal, contractual or operational relationship established with the ENTITIES that is permitted by law or has been expressly agreed in writing by the ENTITIES and you. In all cases, the revocation of consent may not be applied retroactively.

It is sufficient to send an email to the electronic address indicated that the start of the Privacy Notification or to send your application to the physical address indicated by the ENTITIES in this instrument.

WHO CAN YOU COMPLAIN TO FOR THE INCORRECT USE OF YOUR PERSONAL DATA?
If you believe that the ENTITIES may have misused your personal data or you believe that your right to protect such personal data has been violated by our employees or our activities and responses or the authority in charge of correctly applying the Protection of Personal Data Held by Private Parties, you may submit a complaint to the Federal Information Access Data Protection Institute and (IFAI) which can be contacted at www.ifai.org.mx or you may visit its offices at: Av. México No. 151 Col. Del Carmen; Del. Coyoacán, Mexico City, Federal District C.P. 04100 Tel. 01 800 TELIFAI (01 800 8354324)

CHANGES TO THE PRIVACY NOTIFICATION
Any change or updating of this privacy notification shall be published in the ENTITIES™ internet portals and in the application available for tablets at Mundo Aserta. We reserve the right to modify or update this Privacy Notification in any manner in accordance with new legislation, internal policies or new requirements in order to provide or offer our services or products.

You will be sent an email informing you of substantial changes to the privacy policy unless the nature of the modification determines otherwise, and/or through the use of any medium considered necessary.