Teléfono Whatsapp

Privacy policy

In accordance with the Federal Law for the Protection of Personal Data in Possession of Individuals (hereinafter, the “Law”), its regulations and other current and related legislation (hereinafter, the “PD Legislation”), we hereby inform you about the treatment of your Personal Data.

1.- Defined Terms

“Personal Data”: means any information concerning an identified or identifiable natural person.

“Sensitive Personal Data”: means any personal data that affects the most intimate sphere of its owner, or whose improper use may give rise to discrimination or entail a serious risk for the owner. In particular, sensitive data are considered those that may reveal aspects such as racial or ethnic origin, present and future health status, genetic information, religious, philosophical and moral beliefs, union membership, political opinions, sexual preference.

“ARCO Rights”: means the rights of Access, Rectification, Cancellation and Opposition.

“Controller”: means the natural or legal person of a private nature that decides on the Processing of Personal Data.

“Data Subject”: means the natural person to whom the Personal Data correspond.

“Transfer”: means any communication of data to a person other than the Controller or Processor.

“Processing”: means the collection, use, disclosure or storage of Personal Data, by any means. Use includes any action of access, handling, use, exploitation, transfer or disposal of Personal Data.

2.- Identity and address of the Responsible Party.

Nomad Living S. de R.L. de C.V., as well as its affiliates and subsidiaries and/or its business units (hereinafter, the “Controller”), with address for the purposes of this Privacy Notice at Av. Jaime Balmes 8, Polanco, Polanco I Secc, Miguel Hidalgo, 11510 Mexico City, CDMX, Mexico, may obtain, use and store the Personal Data of you as Data Subject in your capacity as client or potential client of the Controller and will be responsible for its protection and treatment in terms of the PD Legislation.

3.- Collection of Personal Data.

The Controller will collect Personal Data through (i) https://www.nomadliving.mx (the “Site”), (ii) links sent directly to the Clients through different means, and (iii) directly from the Data Subject by contracting the Controller to provide any of its services or by any type of transaction entered into with the Controller, and also through third parties and other sources permitted by law as authorities, which will be treated under the principles of legality, consent, information, quality, purpose, loyalty, proportionality and responsibility.

4.- Personal data of third parties.

In case the Holder has provided contact data of third parties such as references, authorized persons, co-owners, spouses, beneficiaries, co-creditors, references, guarantors, joint obligors, guarantors, guarantors, guardians, suppliers, beneficiaries and other legal figures related to the services of the Responsible, the Holder guarantees that he/she has their prior authorization to provide such data, including, if applicable, the applicable personal DATA, and is responsible for communicating to such persons the terms and reasons for which we will contact them and, if applicable, the Processing of their Personal Data in accordance with this Privacy Notice, as well as the means to know the full content of the same. Additionally, by consenting to this Privacy Notice, the Data Subject ratifies his or her authorization for the Controller to contact such persons. The Controller will comply at all times with the provisions of the PD Legislation with respect to the Personal Data that we obtain indirectly.

Please note that the information of our customers who are legal entities is not considered Personal Data in terms of the PD Legislation, in the understanding that we will treat it with the same level of care as the information of our customers who are natural persons. In the event that our corporate clients share with us Personal Data that they maintain (for example, of their employees), we will understand in good faith that they have the necessary authorizations to share such personal information with us and we will comply with the above paragraph.

5.- Personal Data that will be collected by the Controller.

The Controller shall collect and process the following Personal Data of the customers and/or potential customers from the Data Controller:

  1. Full name
  2. Cell phone number
  3. E-mail address
  4. Data contained in your official ID
  5. Address
  6. Federal Taxpayer Registry
  7. Unique Population Registry Code (CURP)
  8. Payment information (such as credit card or bank account numbers).
  9. History of purchases or transactions.
  10. Proof of tax compliance
  11. Proof of income (employment data, where you work, position, salary).
  12. Immigration permit for foreigners
  13. Authorization to review your credit history

In any case, the information must be truthful and complete. Since it is the Data Subject who provides his or her Personal Data, we presume that such data is truthful until he or she states and proves otherwise, or the Responsible Party obtains evidence to the contrary.

6.- Sensitive Personal Data

We inform you that the Controller does not collect or process sensitive Personal Data of the Data Subject, such as those referring to racial or ethnic origin, present and/or future health status, genetic information, religious, philosophical and/or moral beliefs, union membership, political opinions and sexual preference, among others.

7.- Purpose of the Processing of your Personal Data.

The Personal Data collected by the Controller from the Data Subject will be processed for the following primary and secondary purposes.

Primary Purposes. – Purposes that give rise to and are necessary for the legal relationship between clients and potential clients and the Controller:

  1. To identify and contact you.
  2. To provide you with the information you request, make quotations, reservations, purchases, cancellations, changes, and delivery of products and services.
  3. Notify you of changes, delays, cancellations or other aspects of the contracted services.
  4. Provide the requested services and any related services.
  5. Maintain, develop, administer, control and comply with the contractual relationship derived from the request and/or contracting of our services.
  6. To issue the corresponding tax receipts for the payment of the contracted services.
  7. To attend advising and consultations via chat and/or by any other means.
  8. To attend clarifications, queries, comments and complaints regarding the services provided, as well as to take into consideration the opinions that you send us or post on social networks. As well as to provide technical support, solve problems or any other communication related to the business relationship.
  9. Marketing, advertising, promotion, commercial prospecting, referral processes, the development, evaluation and analysis of User profiles for the development and offering of new products and services, conducting surveys unrelated to our products or services, analytical and statistical purposes, all related to the services of the Responsible, its affiliates, subsidiaries, allies and other third parties.
  10. To try to provide you with a quality telephone service, for which we may record the calls answered.
  11. Sale of additional services.
  12. Report incidents and accidents that may occur.
  13. Follow up and make any applicable payments derived from claims, compensations, discounts or reimbursements.
  14. Create, order, catalog, classify, divide, separate and store data and files of the Owners.
  15. Transfer the Personal Data that correspond according to the “Data Transfer” section of this Privacy Notice.
  16. To carry out collection activities.
  17. Manage, develop, maintain, customize and improve our Site and our services and perform the activities necessary for them to function optimally and correctly, as well as prevent or detect fraud or abuse.
  18. Prevention, investigation and attention of fraudulent activities and/or any other type of criminal activity.
  19. To comply with the legal relationship that exists between the Holder and the Controller.
  20. Attend emergency situations, acts of God or force majeure, and inform the competent authorities.
  21. Complementary activities necessary for the fulfillment of the above purposes.
  22. Validation of black lists.
  23. Background check
  24. Credit history review
  25. I expressly authorize the “Responsible” to carry out investigations of: 1) my credit behavior; 2) information related to account movements on government services, including but not limited to: social security, taxes, housing savings, among others.

I declare that I know the nature and scope of the information that will be requested, the use that will be made of it and that periodic consultations of my credit history may be made, as well as any other necessary information in accordance with this authorization for the “Responsible” I agree that this authorization will be valid for 3 years from today’s date, and if applicable, as long as the legal relationship is maintained.

I agree that this document remains the property of the “Responsible” for the purposes of control and compliance with article 28 of the Law to Regulate Credit Information Companies (LRSIC).

  1. The “Responsible” collects and uses personal data about the owners, for the following:

Necessary purposes: 1) information related to account movements on government services, being in an enunciative but not limiting way: validation of bank account information, social security, taxes, housing savings, among others.

Secondary Purposes. – Different purposes that do not give rise to the legal relationship between you and the Responsible, but that are very useful for us to provide better service and develop our legitimate business interests:

  1. To be in contact by mail, email or telephone to share newsletters with you and to conduct surveys regarding the quality of the Services provided by the Controller.
  2. Conducting satisfaction surveys: To use the Data Subject’s data to conduct satisfaction surveys in order to obtain feedback on the quality of products or services, and to improve the experience of the Data Subject.
  3. Inform you and/or offer you products, services and promotions.

8.- Refusal to process Personal Data for secondary purposes.

In case you do not want your Personal Data to be processed for the secondary purposes mentioned above, or any of them, you may refuse your consent from this moment by sending your request to our privacy department, who will indicate the procedure to follow to exercise your right. Your refusal in this regard may not be a reason for us to deny you the services and products you request or contract with us.

9.- Use Of Cookies, Web Beacons And Other Similar Technologies

Cookies are small pieces of information that are sent by a website to your browser and stored on your computer’s hard drive and are used to determine your preferences when you connect to the services of our sites, as well as to track certain behaviors or activities carried out by the Holder within our sites.

In some sections of our Site we require the Holder to have cookies enabled as some of the functionalities require cookies to work. Cookies allow us to: a) recognize the user when entering our sites and offer a personalized experience, b) know the personal settings of the site specified by the user, for example, cookies allow us to detect the bandwidth that the user has selected when entering the home page of our sites, so that we know what kind of information it is advisable to download, c) calculate the size of our audience and measure some traffic parameters, since each user who accesses our sites acquires a cookie that is used to determine the frequency of use and the sections of the sites visited, thus reflecting their habits and preferences, information that is useful for us to improve the content, headlines and promotions for users, not all functions of the sites require the enablement of these.

Cookies also help us to track some activities, for example, in some of the surveys we launch online, we may use cookies to detect if the Holder has already filled out the survey and avoid displaying it again, if he/she has done so. However, cookies will allow you to take advantage of the most beneficial features we offer, so we recommend that you leave them enabled. The use of cookies will not be used to identify users, with the exception of cases in which possible fraudulent activities are being investigated.

In this regard, we inform you that the Site makes use of cookies and other technologies, through which it is possible to automatically monitor your behavior, provide our services and give you an optimal and personalized experience during the use of the same, as well as offer new services based on your preferences. The Personal Data collected through these technologies are: IP address, websites and sections thereof that the Holder visits from the Sites, before the Sites or on pages related to the Site, browser characteristics, device characteristics, operating system, language preferences, URLs to which reference is made, information on behaviors and actions performed on the Site, dates and times of visits to the Sites, sections or content consulted on the Sites and location data and location of the User.

These technologies can be disabled by accessing the Privacy and/or Security option(s) located in the section(s) of Options, Tools, Internet Preferences or similar functions of the Internet browser you are using; however, when disabling them you should take into account that such action may result in not being able to obtain the full functionality that the Site could offer you.

10.- Transfer of Personal Data.

For the fulfillment of the primary purposes indicated in this Notice, your Personal Data may be transferred within the national territory or abroad, in accordance with the following:

  1. To authorities, agencies or governmental entities, in compliance with or in connection with the obligations contemplated in the legislation applicable to the Responsible Party, its subsidiaries and/or affiliates, as well as in compliance with requirements made to them.
  2. To authorities, agencies or governmental entities, when the transfer is officially required and/or necessary for the recognition, exercise or defense of a right of the Controller, its subsidiaries and/or affiliates in a judicial process.
  3. To third party acquirers, derived from a corporate restructuring of the Controller, including, merger, consolidation, sale, liquidation or transfer of assets, when the transfer is necessary for the maintenance or fulfillment of a relationship between the Controller and the Data Subject.
  4. To affiliated or subsidiary companies of the Controller, which are part of the same group, operating under our same processes and internal policies, in order to provide a better service and comply with our internal regulations.
  5. When the transfer is necessary by virtue of a contract entered into or to be entered into in the interest of the holder, by the responsible and a third party.
  6. When the transfer is necessary for the maintenance or fulfillment of our contractual relationship with you.
  7. Based on the other assumptions established in the Personal Data Legislation, which do not require your consent.

According to the Personal Data Legislation, the aforementioned transfers do not require your consent.

Likewise, the identification and contact Personal Data may be transferred to the following legal entities, in which cases we do require your consent:

  1. To third parties that exhibit and market services through our sites, commercial allies and other strategic allies of the Responsible Party, for marketing, advertising or commercial prospecting purposes.
  2. Companies with commercial activities, with the purpose of commercial prospecting and sale of their own products or services or those of such companies.
  3. Companies with promotional, marketing and advertising activities, in order to carry out studies, market surveys, disseminate advertising and inform about travel promotions, destinations and tickets.
  4. Companies with financial activities, with the purpose of offering you products and services of such companies or co-branded products and services.
  5. Companies with tourism activities, with the purpose of promoting their lodging and broadcasting services in national and international destinations.

If the Data Subject does not express his or her refusal for us to carry out these transfers, or any of them, we will understand that he or she has given us his or her consent. The refusal for the transfer of Personal Data can be made from this moment by sending an email to the Personal Data department of the Controller to the following email address datospersonales@cclagroup.com.

In any of the cases mentioned above, we will communicate this Privacy Notice to the third party recipients, in order to ensure that their information is used in accordance with the terms of this Privacy Notice.

11.- Personal Data Department.

Our Personal Data Department will be in charge of processing requests for the exercise of rights and to promote the protection of Personal Data, said department is located at the address mentioned above and may be contacted at that address or by e-mail at datospersonales@cclagroup.com.

12.- Means to exercise your rights.

In all legally appropriate cases, the Data Subject may, at any time and through the procedure set forth herein, exercise the following rights regarding his/her Personal Data: (i) rights of Access, Rectification, Cancellation and Opposition (“ARCO Rights”); (ii) revoke the consent granted to each of the Controllers for the processing of their Personal Data; (iii) limit the use or disclosure of their Personal Data; and (iv) express their refusal for the processing of their Personal Data with respect to the secondary and accessory purposes or for certain transfers previously mentioned in this notice.

13.- ARCO Rights

In order to exercise such rights regarding your Personal Data, the Data Subject or his/her duly accredited legal representative, must submit the corresponding request through an e-mail to the following address datospersonales@cclagroup.com addressed to our Personal Data Department, who will inform you about the procedure and requirements for the exercise of such rights, response deadlines, the way in which we will make your right effective, and will attend to any doubt, complaint or comment you may have in this regard.

The request for the exercise of ARCO Rights must include a clear and precise description of the right you wish to exercise and the Personal Data in respect of which you seek to exercise it. The request may be submitted in writing and must be signed at the end and initialed at the bottom of each of the pages and be accompanied by the following documentation, so that its authentication may be carried out:

  1. Identification data, as well as a copy of the current official ID (current official ID with photograph).
  2. In cases where the exercise of the ARCO Rights is made through its legal representative, the official identification of the representative must be attached, as well as the corresponding power of attorney notarized before a notary public that certifies the legal representation conferred by the Holder.
  3. Address to hear and receive our response and, where appropriate, future communications and / or notifications, or your desire that our response and / or future notifications or responses are sent via email, indicating the respective account.
  4. When you wish to exercise the right of rectification, you must show the documentation that proves the requested change in accordance with the Personal Data to be rectified, as well as mention the modifications to be made.
  5. Any other element or document that facilitates the location of your Personal Data.

We will respond to any of your requests within 20 (twenty) business days of receipt.

In the event that your request is granted, it will be effective within 15 (fifteen) business days following the date on which we communicate our response, in accordance with the provisions of the PD Legislation.

These deadlines may be extended once for an equal period, provided that the circumstances of the case justify it, which we will inform you by means of a notification.

If the request for the exercise of ARCO Rights is about the exercise of the right of access, we will make your information or Personal Data available to you through simple copies and/or electronic documents.

As the Controller, we may deny the exercise of ARCO Rights in the cases permitted by the DP Legislation, so you must be informed of the reason for such denial. The refusal may be partial, in which case we will carry out the access, rectification, cancellation or opposition in the appropriate part.

The Responsible undertakes to comply with all the provisions of the Law and to observe at all times the principles of legality, consent, information, quality, purpose, loyalty, proportionality and responsibility contained therein.

The Responsible will take reasonable organizational and technical security measures to prevent the loss, misuse, alteration or unlawful disclosure of your information and Personal Data, which we require to be complied with by the service providers we hire, including services provided by the Responsible’s subsidiaries or affiliates.

The Controller wishes to keep your Personal Data updated at all times. Therefore, we request your cooperation in communicating to us in a timely manner any change that we should take into account, in order to incorporate it to our databases. The Holder guarantees and responds, in any case, of the truthfulness, accuracy, validity and authenticity of their personal data or those of any third party under their custody or legal representation.

14.- Options to Revoke or Limit the Processing of your Personal Data

You, as Data Subject, may revoke or limit your consent for the processing of your Personal Data following the same procedure as for the exercise of your ARCO Rights, in the understanding that once your request is at our disposal, we will issue our answer within a term no longer than 5 (five) business days. We remind you that not in all cases your request will be admissible or we will be able to conclude the use immediately, since it is possible that due to some legal obligation we may need to continue processing your Personal Data.

15.- Modifications to the Privacy Notice

This Privacy Notice may undergo modifications, changes or updates derived from the Responsible Party’s own needs, from the products or services we offer; from our privacy practices; from changes in our business model, or from other causes; as well as from updates in the applicable legislation.

The updated version will be available to the public through any of the following means:

On our website, which we suggest you visit frequently.
We will be able to send it to the last e-mail address you have provided us.

16.- Acceptance

By making available the Privacy Notice and/or by providing us with your Personal Data and the lack of any opposition manifestation by the Data Subject, it will be understood that the Data Subject grants the Data Controller his/her consent to carry out the processing of the Personal Data provided and/or those provided in the future for any of the purposes set forth herein.

It is important to note that when the purpose of the processing of your Personal Data is to provide you with our services and to comply with the obligations we have with you, in terms of the PD Legislation, it is not necessary to obtain your consent for the processing of such data for such purposes.

Privacy Notice last updated on February 2024.