LEGAL

LEGAL

LEGAL

Privacy Policy

Updated - September 2th, 2024

This English version is the legal basis for any formal queries about the privacy policy.

Updated - September 2th, 2024

This English version is the legal basis for any formal queries about the privacy policy.

Updated - September 2th, 2024

This English version is the legal basis for any formal queries about the privacy policy.

In order to provide legitimate, controlled, and informed treatment of your personal data, whether currently provided to us, in the future, or stored in our databases, or collected by cookies or any other web tracking technology, as well as to guarantee your privacy and your right to informative self-determination when providing said data, Vambe is responsible for the use and protection of your personal data which will be processed based on the principles of lawfulness, consent, information, quality, purpose, loyalty, proportionality and responsibility provided for in the Law.

In order to provide legitimate, controlled, and informed treatment of your personal data, whether currently provided to us, in the future, or stored in our databases, or collected by cookies or any other web tracking technology, as well as to guarantee your privacy and your right to informative self-determination when providing said data, Vambe is responsible for the use and protection of your personal data which will be processed based on the principles of lawfulness, consent, information, quality, purpose, loyalty, proportionality and responsibility provided for in the Law.

  1. Use of Information

The information you provide to us through access, registration and creation of a User profile on the Site and/or Platform, and/or email, and/or completion of physical or electronic forms or surveys, in real time or historical, will be processed and ordered to generate data indicators, which Vambe may use to make relevant decisions for its business. All information collected will be used for statistical purposes, in a generic and non-personalized manner, and is associated with the growth, maintenance and administration of Vambe, respecting your privacy at all times. These uses include our internal operations and administration, communication with you and fulfillment of requests for services and/or products provided by Vambe, as well as to improve, develop, perfect and provide Vambe's services, through its related parties, affiliates, or authorized providers and/or business partners, establishing appropriate measures to limit the use of information collected from you, only for legal and authorized purposes in accordance with this notice, as well as with due confidentiality and security measures.


Vambe may also collect your IP (Internet Protocol) address to help diagnose problems with Vambe's server and to administer the Site and Platform. An IP address is a number that is assigned to your computer when you use the Internet. Your IP address is also used to help identify you within a particular session and to collect general demographic information. Vambe may use "push" technology through the application that Vambe uses to send notifications with prior User authorization. This means of communication does not have any type of access to other functions or information of the equipment with which you connect to the Site. The information may include the URL from which they come (whether or not they are on the Site), which URL they access next (whether or not they are on the Site), what browser they are using, as well as the pages visited, searches performed, posts, commercial preferences, messages, etc.

The information you provide to us through access, registration and creation of a User profile on the Site and/or Platform, and/or email, and/or completion of physical or electronic forms or surveys, in real time or historical, will be processed and ordered to generate data indicators, which Vambe may use to make relevant decisions for its business. All information collected will be used for statistical purposes, in a generic and non-personalized manner, and is associated with the growth, maintenance and administration of Vambe, respecting your privacy at all times. These uses include our internal operations and administration, communication with you and fulfillment of requests for services and/or products provided by Vambe, as well as to improve, develop, perfect and provide Vambe's services, through its related parties, affiliates, or authorized providers and/or business partners, establishing appropriate measures to limit the use of information collected from you, only for legal and authorized purposes in accordance with this notice, as well as with due confidentiality and security measures.


Vambe may also collect your IP (Internet Protocol) address to help diagnose problems with Vambe's server and to administer the Site and Platform. An IP address is a number that is assigned to your computer when you use the Internet. Your IP address is also used to help identify you within a particular session and to collect general demographic information. Vambe may use "push" technology through the application that Vambe uses to send notifications with prior User authorization. This means of communication does not have any type of access to other functions or information of the equipment with which you connect to the Site. The information may include the URL from which they come (whether or not they are on the Site), which URL they access next (whether or not they are on the Site), what browser they are using, as well as the pages visited, searches performed, posts, commercial preferences, messages, etc.

  1. Use of Cookies

Vambe informs you that, through the use of cookies and similar technologies, it seeks to guarantee the best possible experience on the Site and/or Platform, by providing you with personalized information, remembering your service and marketing preferences and helping you obtain the appropriate information. If you require more information regarding the use of cookies and similar technologies, Vambe makes available to you the Cookie Usage Policy.

Vambe informs you that, through the use of cookies and similar technologies, it seeks to guarantee the best possible experience on the Site and/or Platform, by providing you with personalized information, remembering your service and marketing preferences and helping you obtain the appropriate information. If you require more information regarding the use of cookies and similar technologies, Vambe makes available to you the Cookie Usage Policy.

  1. Personal Data Requested

Vambe, Inc. And/or its controlling companies and/or affiliated and/or subsidiary companies and/or related parties (the "Related Third Parties") and/or those third parties who, due to their commercial relationship with Vambe, have contracted the use of the Platform to complement their business proposal and have the need to process and/or use your personal data (the "User"), request and obtain personal data in general, as well as personal data considered sensitive by the Law (hereinafter "General Personal Data" and "Sensitive Personal Data", respectively; and jointly referred to as "Personal Data") from the persons described below.

Sensitive Personal Data may be requested by electronic or physical means, with the understanding that all information provided physically will be considered and treated as if it had been provided and authorized on the Site and/or Platform, and therefore will be governed by this document.


In all cases, the collection of Personal Data by Vambe is carried out in good faith and for the purposes set forth herein; for this reason, it is assumed that the data provided by its owners is truthful and complete, and therefore is the responsibility of the owner who provides it.


The Personal Data that will be collected from Users, those responsible for the processes of requesting, selecting, acquiring and administering the services available on the Site and/or Platform (the "Services") as well as that information collected by Vambe through the use of the Platform, consists of personal information that is included or may be included in formats, listings, databases or other physical and/or electronic means, as appropriate, so that Vambe can provide the Services and consolidate the catalog of procedures and services that the User performs through the Platform.


We may also collect information that you voluntarily provide to us, including:

  1. Account information: Such as your name, contact information, and password.

  2. Profile information: Any additional information you choose to add to your profile.

  3. Communication data: Information you provide when contacting our support team or participating in surveys.


We automatically collect certain information when you use our application, including:

  1. Device information: Such as your device type, operating system, and unique device identifiers.

  2. Log data: Including IP address, browser type, pages viewed, and time spent on the app.

  3. Usage data: Information about how you interact with our application and services.


We use the collected information for various purposes, including:

  1. Providing and maintaining our services

  2. Personalizing your experience within the application

  3. Improving our application and developing new features

  4. Communicating with you about updates, support, and promotional offers

  5. Analyzing usage patterns to enhance performance and user experience

  6. Detecting, preventing, and addressing technical issues or fraudulent activities


Our application is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe we may have collected information about a child, please contact us immediately.


PLATFORM USERS. The Personal Data that will be collected from Users who make use of the Platform are necessary to document the commercial and legal relationship that exists or may exist with each of them. The Personal Data that you voluntarily and freely provide to Vambe consists of information that is included or may be included in contracts, letters, formats, listings, databases or other physical and/or electronic means, as appropriate, so that Vambe can document the relationship between the parties, the process of use and selection that you make or will make of the Modules that make up the Platform Services; as well as to fully comply with internal policies, procedures and other legal obligations applicable to Vambe.

The Personal Data that will be requested from Users for their registration as a User on the Platform are as follows: Full name; phone; address; email; and cell phone number.

Vambe, Inc. And/or its controlling companies and/or affiliated and/or subsidiary companies and/or related parties (the "Related Third Parties") and/or those third parties who, due to their commercial relationship with Vambe, have contracted the use of the Platform to complement their business proposal and have the need to process and/or use your personal data (the "User"), request and obtain personal data in general, as well as personal data considered sensitive by the Law (hereinafter "General Personal Data" and "Sensitive Personal Data", respectively; and jointly referred to as "Personal Data") from the persons described below.

Sensitive Personal Data may be requested by electronic or physical means, with the understanding that all information provided physically will be considered and treated as if it had been provided and authorized on the Site and/or Platform, and therefore will be governed by this document.


In all cases, the collection of Personal Data by Vambe is carried out in good faith and for the purposes set forth herein; for this reason, it is assumed that the data provided by its owners is truthful and complete, and therefore is the responsibility of the owner who provides it.


The Personal Data that will be collected from Users, those responsible for the processes of requesting, selecting, acquiring and administering the services available on the Site and/or Platform (the "Services") as well as that information collected by Vambe through the use of the Platform, consists of personal information that is included or may be included in formats, listings, databases or other physical and/or electronic means, as appropriate, so that Vambe can provide the Services and consolidate the catalog of procedures and services that the User performs through the Platform.


We may also collect information that you voluntarily provide to us, including:

  1. Account information: Such as your name, contact information, and password.

  2. Profile information: Any additional information you choose to add to your profile.

  3. Communication data: Information you provide when contacting our support team or participating in surveys.


We automatically collect certain information when you use our application, including:

  1. Device information: Such as your device type, operating system, and unique device identifiers.

  2. Log data: Including IP address, browser type, pages viewed, and time spent on the app.

  3. Usage data: Information about how you interact with our application and services.


We use the collected information for various purposes, including:

  1. Providing and maintaining our services

  2. Personalizing your experience within the application

  3. Improving our application and developing new features

  4. Communicating with you about updates, support, and promotional offers

  5. Analyzing usage patterns to enhance performance and user experience

  6. Detecting, preventing, and addressing technical issues or fraudulent activities


Our application is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe we may have collected information about a child, please contact us immediately.


PLATFORM USERS. The Personal Data that will be collected from Users who make use of the Platform are necessary to document the commercial and legal relationship that exists or may exist with each of them. The Personal Data that you voluntarily and freely provide to Vambe consists of information that is included or may be included in contracts, letters, formats, listings, databases or other physical and/or electronic means, as appropriate, so that Vambe can document the relationship between the parties, the process of use and selection that you make or will make of the Modules that make up the Platform Services; as well as to fully comply with internal policies, procedures and other legal obligations applicable to Vambe.

The Personal Data that will be requested from Users for their registration as a User on the Platform are as follows: Full name; phone; address; email; and cell phone number.

  1. Transfer

TRANSFER OF PERSONAL DATA AND INFORMATION. The Personal Data referred to in this Notice may be transferred to: (i) Related third parties and/or business partners, with the purpose of enhancing Vambe's value proposition, as well as offering you, based on your needs, other products and services; (ii) Judicial authorities, Mexican and foreign, for the purpose of complying with the Law, legislation, notifications, requirements or judicial orders; (iii) To internet service providers on which Vambe's technological infrastructure is mounted; and/or (iv) to technical support service providers of the Platform. In case of making any transfer of your Personal Data, in which your express consent is required, we will inform you in order to obtain it.


In all cases, Vambe will communicate this Privacy Notice to these third parties and will ensure through the signing of agreements and/or the adoption of other binding documents, that said third parties maintain the necessary administrative, technical and physical security measures to safeguard your Personal Data, and that said third parties only use your Personal Data for the purposes for which they were collected. Likewise, both the User as responsible for collecting the Personal Data and Vambe that facilitates through the Platform the collection and processing of the same, as well as any other person related to Vambe who has access to the information contained in this Privacy Notice, will be obliged to safeguard it under the same security and confidentiality standards, and not to reveal it or misuse it, otherwise they will be liable in accordance with applicable laws.


Notwithstanding the foregoing, Vambe will not transfer your Personal Data to third parties not related to Vambe, except in the cases mentioned above and those provided for in the Law, without your prior consent.

TRANSFER OF PERSONAL DATA AND INFORMATION. The Personal Data referred to in this Notice may be transferred to: (i) Related third parties and/or business partners, with the purpose of enhancing Vambe's value proposition, as well as offering you, based on your needs, other products and services; (ii) Judicial authorities, Mexican and foreign, for the purpose of complying with the Law, legislation, notifications, requirements or judicial orders; (iii) To internet service providers on which Vambe's technological infrastructure is mounted; and/or (iv) to technical support service providers of the Platform. In case of making any transfer of your Personal Data, in which your express consent is required, we will inform you in order to obtain it.


In all cases, Vambe will communicate this Privacy Notice to these third parties and will ensure through the signing of agreements and/or the adoption of other binding documents, that said third parties maintain the necessary administrative, technical and physical security measures to safeguard your Personal Data, and that said third parties only use your Personal Data for the purposes for which they were collected. Likewise, both the User as responsible for collecting the Personal Data and Vambe that facilitates through the Platform the collection and processing of the same, as well as any other person related to Vambe who has access to the information contained in this Privacy Notice, will be obliged to safeguard it under the same security and confidentiality standards, and not to reveal it or misuse it, otherwise they will be liable in accordance with applicable laws.


Notwithstanding the foregoing, Vambe will not transfer your Personal Data to third parties not related to Vambe, except in the cases mentioned above and those provided for in the Law, without your prior consent.

  1. Means and Procedures for the Exercise of ARCO Rights

You, as the owner of the Personal Data provided to Vambe, may request at any time, the exercise of your rights of access, rectification, cancellation or opposition (the "ARCO Rights") to the processing of your Personal Data, consisting of: (i) accessing your Personal Data and the details of their processing; (ii) rectifying your Personal Data if they are inaccurate or incomplete; (iii) canceling your Personal Data when you consider that they are not required for any of the purposes indicated in this Privacy Notice, are being used for purposes not consented to or your contractual or service relationship or other with Vambe has ended; and (iv) opposing the processing of your Personal Data for specific purposes.


For this purpose, you must follow the process of submitting your request in writing to Vambe, or send your request to the Email Address, as applicable, which must contain, at a minimum, the following information: (a) Your full name and address, or other suitable means to communicate the response to your request; (b) The documents that prove your identity or, if applicable, that of your legal representative; (c) The clear and precise description of the Personal Data with respect to which you seek to exercise any of the aforementioned rights; and (d) Any other element or information that facilitates the location of the Personal Data, as well as any other document required by current regulations at the time of submitting the request. You may also request more information about the procedure for exercising your ARCO Rights at the Email Address.


The response to your request will be made known to you by Vambe in the terms and deadlines established by Law. However, you may obtain more information about the status of your request and the response time by contacting Vambe or sending your request to the Email Address, where they can also address any clarification or doubt you may have regarding the processing of your Personal Data and the exercise of your ARCO Rights.

  1. Google User Data Access

Our applications utilize various Google services and Firebase to provide and improve our functionalities. This addendum outlines how we interact with Google's ecosystem and what data may be collected and processed.


6.1 Google Services Integration and Data Usage

We integrate with several Google services to enhance user experience and provide seamless functionality. These integrations may include, but are not limited to:

  1. Google Sign-In (OAuth): Allows users to log in using their Google accounts.

  2. Google Drive: Enables users to save and retrieve documents within our app.

  3. Google Calendar: Integrates our scheduling features with users' Google Calendars.

  4. Firebase: Provides various backend services including analytics, crash reporting, and performance monitoring.

6.2 Data We Access and Its Usage

Through these integrations, we may access and use the following types of Google user data:

  1. Email address: Used for user authentication and service-related communications.

  2. User name: Used to personalize the user experience within the application.

  3. Profile picture: Used to display your avatar within the app.

  4. Calendar data: Used to integrate our scheduling features with your Google Calendar.

  5. Google Drive content: Used to allow you to save and retrieve documents within our app.


We only access this data with user consent and use it solely for the purposes stated above. We do not share this data with third parties unless required by law or with explicit user consent.


6.3 Firebase Data Collection and Usage

Firebase, a platform developed by Google, may collect and process various types of data, including but not limited to:

  1. Analytics data

  2. Crash reports

  3. Performance data

  4. User behavior data

The specific types of data collected may vary based on the Firebase services we implement and may change as we update our application or as Google updates the service.

6.4 Additional Data Collection by Google

Please be aware that Google may collect or request additional types of information as necessary for the provision and improvement of their services, including Firebase. This collection is governed by Google's privacy policy and terms of service for each specific product.

6.5 Your Agreement and Rights

By using our application, you acknowledge and agree to:

  1. The collection and processing of data by our application through Google services as described above.

  2. The collection and processing of data by Firebase as described above.

  3. Google's Privacy Policy and Terms of Service for all integrated Google services, including Firebase.

  4. Any future changes or additions to data collection practices that may be implemented by Google for their services.

We encourage you to review Google's privacy policies and terms of service for more detailed information on their data practices. You maintain all the rights outlined in our main privacy policy regarding your personal data. However, please note that certain data collected through Google services may be managed directly by Google and subject to their policies.

6.6 Our Commitment to Transparency

We are committed to transparency regarding data practices. If we become aware of significant changes to Google's data collection practices that materially affect our users' privacy, we will make reasonable efforts to inform our users and update our privacy policy accordingly. By continuing to use our application, you consent to the practices described in this addendum and the broader privacy policy of our application.

  1. Stripe Payment Processing

Our platform uses Stripe for payment processing. This section outlines how we handle payment information and interact with Stripe's services.

All the information to indentify the account holder, email, payment card, billing adresses and transaction amount is collected securely and transmitted directly to Stripe. We do not store complete payment card information on our servers. Stripe can be use this information to process payments, prevent fraud, and provide customer support. All payment data is encrypted using industry-standard SSL/TLS protocols during transmission and uses tokenization to replace sensitive payment information with a unique identifier, further protecting your data.

In Vambe, only authorized personnel have access to payment-related information on a need-to-know basis.

We retain transaction records for accounting and legal compliance purposes. However, we do not store complete payment card information. Stripe retains payment information in accordance with their own privacy policy and legal requirements.

You have the right to:

  1. Review the payment information we hold about you

  2. Request deletion of your payment information (subject to our legal obligations)

  3. Receive information about the payment data we have shared with Stripe

By using Stripe's services through our application, you agree to Stripe's Terms of Service and Privacy Policy. We encourage you to review these documents for more information on how Stripe processes your data.

  1. Data Protection Mechanisms for Sensitive Information

To ensure the protection of sensitive user data, including the Google user data we access, we implement the following security measures:


  1. Encryption: All sensitive data, including Google user data, is encrypted in transit and at rest using industry-standard encryption protocols (AES-256).

  2. Access Control: We employ a strict role-based access control system. Only authorized personnel have access to user data, and access is granted on a need-to-know basis.

  3. Secure Storage: User data is stored in secure, access-controlled databases. We regularly update and patch our systems to protect against known vulnerabilities.

  4. Data Minimization: We only collect and retain the minimum amount of data necessary to provide our services.

  5. Regular Security Audits: We conduct periodic security audits and vulnerability assessments to ensure the ongoing protection of user data.

  6. Incident Response Plan: We have a comprehensive incident response plan in place to quickly address any potential data breaches or security incidents.

  7. Employee Training: All employees with access to user data undergo regular privacy and security training.

  8. Third-party Assessments: We engage independent third parties to assess our security measures and ensure compliance with industry standards.

  9. Data Retention and Deletion: We have clear policies for data retention and secure deletion of user data when it is no longer needed or upon user request.

  10. Transparency: We are committed to being transparent about our data practices and will promptly notify users of any changes to how we handle their data.


By implementing these measures, we strive to ensure that all user data, including Google user data, is protected to the highest standards of privacy and security.

To ensure the protection of sensitive user data, including the Google user data we access, we implement the following security measures:


  1. Encryption: All sensitive data, including Google user data, is encrypted in transit and at rest using industry-standard encryption protocols (AES-256).

  2. Access Control: We employ a strict role-based access control system. Only authorized personnel have access to user data, and access is granted on a need-to-know basis.

  3. Secure Storage: User data is stored in secure, access-controlled databases. We regularly update and patch our systems to protect against known vulnerabilities.

  4. Data Minimization: We only collect and retain the minimum amount of data necessary to provide our services.

  5. Regular Security Audits: We conduct periodic security audits and vulnerability assessments to ensure the ongoing protection of user data.

  6. Incident Response Plan: We have a comprehensive incident response plan in place to quickly address any potential data breaches or security incidents.

  7. Employee Training: All employees with access to user data undergo regular privacy and security training.

  8. Third-party Assessments: We engage independent third parties to assess our security measures and ensure compliance with industry standards.

  9. Data Retention and Deletion: We have clear policies for data retention and secure deletion of user data when it is no longer needed or upon user request.

  10. Transparency: We are committed to being transparent about our data practices and will promptly notify users of any changes to how we handle their data.


By implementing these measures, we strive to ensure that all user data, including Google user data, is protected to the highest standards of privacy and security.

  1. Digital, Electronic and Online Form

The Parties agree that the form to perfect the agreement of wills between them may be Digital, Electronic or Online, where it will be sufficient to manifest their will through their acceptance, as well as provide personal data, on Vambe's own Site without requiring to stamp the signature on any document.

  1. Revocation of Consent

You may also revoke, at any time, the consent you have given to Vambe for the processing of your Personal Data, as well as request that the use and disclosure of the same be limited, as long as it is not prevented by a legal provision. For this purpose, you must submit your request in writing to Vambe, or send your request to the Email Address, as applicable. Said request must comply with the same requirements mentioned in Section 5 above.


The response to your request will be made known to you by Vambe in the terms and deadlines established by Law. However, you may obtain more information about the status of your request and the response time by contacting Vambe or sending your request to the Email Address, where they can also address any clarification or doubt you may have regarding the processing and these rights that correspond to you regarding your Personal Data.


In case your Personal Data had been sent prior to the date of revocation of consent, and continue to be processed by Vambe's managers, the latter will make known to the latter said revocation, so that they proceed to carry out the appropriate actions.

  1. Changes to the Privacy Notice

Vambe reserves the right to modify and/or update this Privacy Notice, in any or all of its parts, at its sole discretion, in which case it will communicate it here through its Site and/or Platform; and, as the case may be for each owner, through its internal networks, or through a notice that will be placed in Vambe's usual means of communication (physical or electronic) and in a visible place of the Address, or through a written notice addressed to your email, as legally required.

  1. Digital, Electronic and Online Form

The Parties agree that the form to perfect the agreement of wills between them may be Digital, Electronic or Online, where it will be sufficient to manifest their will through their acceptance, as well as provide personal data, on Vambe's own Site without requiring to stamp the signature on any document.