Talk To us

Privacy Policy

JUNE 20th, 2018

INEGI's privacy policy intends to make known to the various entities with whom it relates the rules of treatment of personal data, which are collected and processed in strict compliance with the provisions of the legislation on the protection of personal data in force, namely the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR").

This Personal Data Protection Policy applies to the processing of personal data by INEGI.

Personal Data
"Personal Data" means information relating to an identified or identifiable person ("Data Subject"). An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, electronical identifiers, or one or more specific physical, physiological, genetic, mental, economic, cultural or social elements that identity that individual.
The personal data to which INEGI has access are those which are exclusively provided by the data subject.

Use of personal data
INEGI is responsible for the processing of personal data and will only process personal data when it:
a) Has a legitimate interest in doing so, in particular to:
- Anwer requests for information from data subjects;
- Supply products and provision of services;
- Provision of information about INEGI’s services or actions;
- Internal processing for administrative and statistical purposes;
- Recruitment process;
- Institutional communication purposes;
b) Has obtained consent to process personal data, according to specified and legitimate purposes and / or;
c) It is necessary to comply with contractual obligations and legal obligations that apply to it. Personal data provided by the data subject will also be processed for the purposes indicated at the time of collection.

Rights of the holder of personal data
The holder of personal data may exercise their rights at any time, namely:
a) Right of access: obtain information, in a clear and clarifying manner, regarding the way INEGI treats their data, as well as accessing their records.
b) Right of rectification: obtain rectification of their personal data if they are out of date, incorrect or incomplete.
c) Right of erasure / right to be forgotten: obtain the elimination of their personal data, with the exception that this right is not absolute, with limitations on the right to erase, namely due to legal obligations.
d) Right of opposition: to oppose, at any time, the processing of personal data that concerns them, based on legitimate interests.
e) Right to limitation of processing: request the limitation of the processing of their personal data in the following situations: if they dispute the accuracy of personal data; if the treatment is illegal and they do not want to delete their data, but only limit it; if the data is no longer needed by INEGI; if they have exercised the aforementioned right of opposition, during the period of time that INEGI examines whether their legitimate interests for treatment prevail over their right.
f) Right to data portability: move, copy or transfer personal data to another entity, provided they are automated.
g) Right to withdraw consent for data processing: withdraw their consent to data processing when this processing is based on their consent. This right does not compromise the legality of the treatment based on consent before the respective withdrawal, nor the subsequent treatment of the same data, based on another legal basis, such as contractual compliance or legal obligation.

Retention period of personal data
Personal data will only be kept for as long as necessary for the purposes for which it was collected. However, data may be kept for longer periods, particularly when the law so requires.

Disclosure of personal data to third parties
Personal data will not be transferred, traded, exchanged, transferred to third parties, for any reason, without the consent of its owner, nor will they be used for purposes other than those for which it obtained consent.
INEGI, within the scope of its activity, may use third parties to provide certain services. When data processing is carried out by a subcontractor or third party to whom data are transmitted, INEGI will request that it present adequate guarantees regarding the protection of personal data, so that it meets the requirements of the legislation in force and ensures the defense of the rights.

Security of personal data
INEGI seeks to protect personal data, namely through the application of appropriate security measures to ensure their protection and prevent access to them by unauthorized persons, in accordance with Regulation (EU) 2016/679, of the European Parliament and the Council of April 27th 2016.
However, we safeguard that the dissemination of information over the Internet is not completely secure, so it is not possible to guarantee, absolutely, the security of the information transmitted through these means.

Changes to the personal data protection policy
INEGI reserves the right to update its Personal Data Protection Policy whenever necessary, these changes being duly publicized and informing the holders of personal data through the registered means of contact.

For any question related to the Personal Data Protection Policy, or to exercise your rights regarding protection and personal data issues, you can contact INEGI.