DigyBot

2. PERSONAL DATA AND SENSITIVE DATA SUBJECTED TO PROCESSING.

As part of our business activities, we require to collect and process from our collaborators, suppliers, clients, and other third parties that are related to DIGYTO, personal identification, address, contact, property, financial, academic, labor, all with the purpose of complying with the primary and necessary purposes indicated in this Privacy Notice.

Likewise, we inform you that to fulfill the purposes indicated in this Notice, DIGYTO may collect and process the following sensitive personal data: Personal data.

We inform you that the processing of the aforementioned sensitive personal data is intended for DIGYTO to comply with the obligations derived from the legal relationship we have with the Owner. We promise that they will be treated under strict security measures, always guaranteeing their confidentiality.

Consent will not be necessary for the processing of Personal Data when:

• It is provided for in a Law.
• The data appears in publicly accessible sources.
• Personal Data are subject to a prior dissociation procedure.
• Has the purpose of fulfilling obligations derived from a legal relationship between the Owner of the Personal Data and DIGYTO.
• There is an emergency situation that could potentially harm an individual's property or person.
• A resolution from the competent authority is issued.

2.1 DETAILED INFORMATION ON THE PROCESSING OF PERSONAL DATA.

Personal Data is collected for the following purposes and using the following services:

REGISTRATION AND AUTHENTICATION.

By registering or authenticating, the User allows this Application to identify them and give them access to the dedicated services.

Depending on what is indicated below, registration and authentication services may be provided by third party assistance. In such case, this Application may access some Data stored by the third-party service used for registration or authentication.

Some of the services listed below may also collect Personal Data for targeting and profiling purposes; For more information, please consult the description of each service.

GOOGLE OAUTH (Google LLC).

Google OAuth is a registration and authentication service provided by Google LLC and connected to the Google network.

By using our application/service and authenticating through Google, we may collect the following information:

• Google profile information (name, email address, profile photo, etc.).
• Access to Google Calendar to create events on behalf of the user.

The information collected is used to:

• Authenticate the user through Google to access the service.
• Create events in Google Calendar according to the user's instructions.

2.2 ADDITIONAL LIMITS ON THE USE OF YOUR GOOGLE USER DATA.

Notwithstanding any other provision in this Privacy Notice, if you provide Digyto with access to your Google data (for example, when you enable the Google Calendar feature), Digyto's use of that data You will be subject to these additional restrictions:

Digyto will only use the access to create, view or edit calendars (only new calendars created for the interaction of events between Digyto, the user and their clients), so we will not access calendars created previously or personal calendars. This is to allow events and reminders to be scheduled between users and thus maintain an organized itinerary.
Digyto will not use this calendar or login data for any other purposes.

Digyto will not allow humans to read this data unless we have your affirmative agreement for specific messages; Doing so is necessary for security reasons, such as investigating abuse, to comply with applicable law, or for Digiyto's internal operations and even then only when the data has been aggregated and anonymized.

Digyto's use of the information received and the transfer of information by Digto to any other application from the Google APIs will adhere to the Google API Services User Data Policy, including limited use requirements.

2.3 INFORMATION WE COLLECT FROM THIRD PARTIES.

Logins using federated authentication service providers: You can sign in to Digyto services using supported federated authentication service providers, such as Google. These services will authenticate your identity and give you the option to share certain personal information with us, such as your name and email address. You should check your privacy settings on each Integrated Service to understand what information that Integrated Service makes available to us and make any necessary changes. Please carefully review the terms of use and privacy policies of each Integrated Service before using their services and connecting to our Service.

Referrals: If someone has recommended any of our products or services to you through any of our referral programs, that person may have provided us with their name, email address and other personal information. You may contact us at hola@digyto.mx to request that we delete your information from our database. If you provide us with information about another person, or if another person provides us with your information, we will only use that information for the specific reason you provided it to us.

Information from our reseller partners and service providers: If you contact any of our reseller partners, or express interest in any of our products or services, the reseller partner may pass on your name, email address, company name and other information to Digyto. Digyto may also receive information about you from review sites if you comment on any reviews of our products and services, and from other third-party service providers we engage to market our products and services.

Information we collect and process when you integrate the Service with third parties: You may connect third-party integrations to your Digyto account, which may request certain permissions to access data or send information to or from your account. by Digito. It is your responsibility to review any third-party integrations that you authorize. We may collect information about what types of integrations you use in your Digiyto account. Any permission granted by you grants these third parties access to your data, which may include (but is not limited to) granting third party applications access to view, store and modify your Digito account data. We are not responsible for the practices of third-party integrations, so please carefully review the permissions you grant to third-party apps.

Information from social media sites and other publicly available sources: when you provide feedback or reviews about our products, interact or interact with us on marketplaces, review sites or social media sites such as Facebook, Twitter, LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or reproduce and publish your comments on our websites. We must inform you that once collected, this information may remain with us even if you delete it from these sites. Digito may also aggregate and update information about you from other publicly available sources.

3. PURPOSES OF THE TREATMENT.

1. The primary purposes for which DIGYTO could request, obtain, store and/or use the Personal Data necessary to comply with the obligations derived from our legal relationship:
   1. For your employment or commercial contract.
   2. To carry out all activities that are necessary for the legal relationship between us.
   3. To send you information about matters related to the employment or commercial relationship between us.
   4. To contract the services necessary to deliver the economic and in-kind benefits agreed and pre-established in the contracts.
   5. For statistical purposes and preparation of periodic reports.
   6. To keep our databases updated.
   7. To carry out all the procedures before the corresponding authorities.
   8. To keep a record and control of health programs at work


2. The secondary purposes for which DIGYTO could request, obtain, store and/or use Personal Data are the following:
   1. For the purposes of communication, promotion and dissemination through physical and electronic means, of our products and/or services.
   2. Surveys to measure the quality and satisfaction of products and services.

In no case will any Personal Data collected be used other than those indicated here, unless there is a change in this Privacy Notice in accordance with the provisions of section IX.

4. TRANSFER OF PERSONAL DATA.

The Owner understands and accepts that DIGYTO is authorized to transfer the Data to third parties, respecting at all times the purposes set forth in this Privacy Notice. Based on articles 36 and 37 of the Federal Law on Protection of Personal Data Held by Private Parties, Personal Data and/or Sensitive Personal Data may be lawfully transferred for the purposes established in this Privacy Notice to: p>

1. The subsidiaries, subsidiaries, affiliates, controlling, and/or controlled companies of DIGYTO within the national territory or abroad.
2. When the transfer is necessary to provide the products and services or comply with the contracted labor or commercial relationships.
3. To third parties in matters of customer service and studies related to the provision of DIGYTO products and services.
4. Third parties such as marketing agencies that participate with DIGYTO to be able to offer their products and services in terms of what is established by the applicable regulation regarding Personal Data.

The Owner accepts that by providing their Personal Data, they will be subject to the transfers mentioned in this Privacy Notice. To revoke consent, it will be enough for the owner to present the corresponding request at the address of DIGYTO, complying with the provisions of section V.

5. MEANS AND PROCEDURE TO EXERCISE ARCO RIGHTS.

To exercise your ARCO rights (access, rectification, cancellation and opposition), you must send an email to hola@digyto.mx from Monday to Friday from 9:00 a.m. to 6:00 p.m., at business days, as applicable. In order to process any request for access, rectification, cancellation or opposition, you must send an email to the address indicated in addition to attaching the following:

1. The name of the Owner, address and/or any other means to communicate the response to your request.
2. Documents that prove the identity or, where applicable, the legal representation of the Owner.
3. The clear and precise description of the Personal Data with respect to which one seeks to exercise any of the aforementioned rights.
4. Any other element or document that facilitates the location of the Owner's Data.
5. Clearly specify whether the request is for access, rectification, cancellation or opposition.
6. The reason for the request.
7. The modifications to be made, in case the request is for the rectification of Personal Data and to provide the documentation that supports your request.

In the event that the information provided in the ARCO Request is insufficient or erroneous to process it, or the necessary documents to process it are not accompanied, DIGYTO will require the owner of the data or his representative, within the 5 business days following receipt of the ARCO Application, for a single time, providing the elements or documents necessary to process it. The owner of the data or his representative will have 10 business days from the day following receipt of the request, to respond.

DIGYTO will respond to the ARCO Request with the determination reached, within a period of 20 business days from receipt of the request, or if additional information or documents have been requested, within a period of 20 business days counted from the day following the presentation of the response to the request.

If the ARCO Request is approved, DIGYTO will make the determination reached effective within a period of 15 business days from the moment the response is communicated to the data owner or his or her representative. In the case of ARCO Requests on the right of access to personal data, the delivery of the same will be made after accreditation of the identity of the owner of the data or his representative.

DIGYTO may extend the deadlines to respond to an ARCO Request, and/or to make effective the determination reached, only once, for periods equal to those indicated in each case, provided that it considers that the circumstances of the case make it so. they justify. In such cases, DIGYTO will notify the data owner or his representative of the circumstance(s) that justify the extension, within each of the original deadlines to respond or make the determination reached effective.

The responses to ARCO Requests will be delivered to the data owner or his legal representative in simple copies or in an electronic file depending on the type and quantity of documents in each case.

To revoke consent, it will be enough for the owner to present his or her request at the address of DIGYTO. DIGYTO will make said request effective, as long as it is not personal data necessary for the existence, maintenance and compliance of its legal relationship with the owner of the data.

DIGYTO may deny access, rectification, cancellation or opposition to their processing, in the following cases:

• When the applicant is not the owner of the personal data, or the legal representative is not duly accredited to do so.
• When the applicant's personal data is not found in its database.
• When the rights of a third party are violated.
• When there is a legal impediment, or the resolution of a competent authority that restricts access to personal data or that does not allow rectification, cancellation or opposition thereof.
• When the rectification, cancellation or opposition has been previously made.

6. MECHANISMS AND PROCEDURES SO THAT THE OWNER CAN REVOCATE HIS CONSENT.

DIGYTO will be empowered to give the treatment it considers appropriate to the Personal Data, as long as it is carried out in accordance with the purposes indicated in subsection (a) of Section III of this Privacy Notice. For the processing of the purposes indicated in subsection (b) of the aforementioned Section, DIGYTO may carry out such processing until it receives the refusal from the Owner.

In order for the Owner to express his/her refusal in this regard, he/she must contact DIGYTO through the procedure established for the exercise of ARCO Rights indicated in Section V of this Privacy Notice.

7. IDENTITY AND ADDRESS OF THE CONTROLLER.

In accordance with article 15 of the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), the company DIGYTO SOLUTIONS S.A. DE C.V., hereinafter "DIGYTO", with tax address Av. Pedro Henríquez Ureña No. 444 Interior Marsella C5 D401, Col. Pedregal de Coyoacán, Delegación Coyoacán, CDMX C.P. 04330, informs you of this Privacy Notice.

8. OPTIONS TO LIMIT USE OR DISCLOSURE.

To comply with the purposes of this Privacy Notice, as well as to be able to process Personal Data, it is possible that DIGYTO delivers all or part of the Data to third parties who may be natural or legal persons, national or foreign, affiliated or subsidiary companies, including suppliers of goods or services, that require to know this information, including information storage servers, who will be obliged, by contract, to maintain the confidentiality of the Personal Data and in accordance with the provisions of this Notice of Privacy. The third party recipients may be industrial, commercial and/or service companies.

DIGYTO is committed to having the legal and security measures sufficient and necessary to guarantee that your Personal Data remains confidential and secure.

9. COMMUNICATION FOR USE OF COOKIES, WEB BEACONS OR SIMILAR.

In the event that the Owner provides his/her Data through electronic means, including the DIGYTO website (Internet), the Owner understands, accepts and acknowledges that:

• The DIGYTO website may include links to third-party websites, which if accessed will cause you to leave the DIGYTO website, for which DIGYTO assumes no responsibility in relation to those third-party websites.
li>
• The DIGYTO website may include links to sites that manage social networks, in which case the Owner accepts that by providing any type of information or Data on said sites, it will cause it to be read, viewed, accessed, retransmitted and processed by any person, and therefore releases DIGYTO from any liability.

Cookies: These are data files that are stored on the hard drive of a user's computer equipment or electronic communications device when browsing a specific Internet site, which allows the exchange of status information between said site and the user. user's browser. State information may reveal means of session identification, authentication or user preferences, as well as any other data stored by the browser regarding the Internet site.

Web beacons: They are a visible or hidden image inserted within a website or email, which is used to monitor user behavior in these media. Through these you can obtain information such as the source IP address, browser used, operating system, time at which the page was accessed, and in the case of email, the association of the above data with the recipient.

DIGYTO may use cookies or web beacons on its website to facilitate navigation and to obtain greater efficiency by facilitating the personalization of the services offered to visitors. The cookies or webbeacons used on DIGYTO websites do not provide references that allow deducing the name and surname of the visitor and they cannot read data from your hard drive or include viruses in their texts. It is also not possible to read the cookies implanted on the visitor's hard drive from other servers. The visitor can configure their browser to accept or reject all cookies or web beacons by default or to receive a notification on the screen of the reception of each cookie or web beacon and decide at that moment whether or not to implant it on their hard drive.

10. CHANGES TO THE PRIVACY NOTICE.

This Privacy Notice may undergo modifications, changes or updates derived from new legal requirements; of our own needs for the products or services we offer; of our privacy practices; of changes in our business model, or for other reasons.

It is our commitment to keep you informed about any changes that this Privacy Notice may undergo, through this same page.