| FULL PRIVACY NOTICE FOR THE PROTECTION OF PERSONAL DATA |
| GENERAL INFORMATION OF THE DATA CONTROLLER | |||
| Corporate Name: | IDEAS RESPONSABLES S.A. de C.V. | ||
| Commercial Name: | Manto Regen | ||
| Address: | Priv. Andrés Terán 35 Local 16, Ladrón de Guevara, 44600 Guadalajara, Jalisco | ||
| Website: | https://mantoregen.com/ | ||
| Primary line of business: | We develop nature-based solutions to drive traceable and comprehensive regenerative transitions that generate positive impact on carbon, water, and biodiversity. | ||
| Publication date: | October 10, 2025 | ||
| MEANS TO EXERCISE ARCO RIGHTS | |||
| Email: | contacto@mantoregen.com | ||
| Online: | https://mantoregen.com/contacto/ | ||
| By mail to the following address: | Priv. Andrés Terán 35 Local 16, Ladrón de Guevara, 44600 Guadalajara, Jalisco | ||
| Business days and hours: | 9:00 AM to 5:00 PM | ||
| Customer service phone number(s): | +52 155 8012 2515 | ||
| Maximum response time: | 5 business days | ||
| TRANSFER OF PERSONAL DATA | |||
| CORPORATE NAME | COUNTRY | PURPOSE | |
| Proyectos Saraperos S.A.P.I. de C.V. | México | Administrative management, data analysis, operational coordination, technological support, and compliance with the internal policies of the corporate group. | |
| PURPOSE OF THE PROCESSING OF PERSONAL DATA | |||
| MAIN PURPOSES: | |||
| 1. | Assess, design, implement and monitor territorial regeneration projects and programs, nature-based solutions, and multi-stakeholder governance. | ||
| 2. | Integrate and manage databases of participants, community organizations, strategic allies and beneficiaries linked to the projects. | ||
| 3. | Identification of data subjects or individuals. | ||
| 4. | Obtain the user’s location. | ||
| 5. | Create profiles and verify users. | ||
| 6. | Comply with contractual, technical, financial and reporting obligations arising from consulting services and collaboration agreements. | ||
| 7. | Manage administrative and logistics processes related to the projects, including payments, expense verification and field coordination. | ||
| 8. | Prepare reports, statements and communications of environmental, social and economic results, in accordance with monitoring, reporting and verification (MRV) standards. | ||
| ADDITIONAL PURPOSES | |||
| 1. | Provide information on training programs, calls for applications or learning spaces on territorial regeneration, regenerative tourism and green finance. | ||
| 2. | Communicate results, stories and success cases related to the projects, with the prior authorization of the data subjects. | ||
| 3. | Send newsletters, invitations to events or educational materials related to Manto Regen’s activities. | ||
| 4. | Conduct surveys, participatory diagnostics or community listening processes for the purpose of improving the projects. | ||
| 5. | Provide information through a newsletter, including sending emails with such newsletter. | ||
| 6. | Verify that the data subject is of legal age. | ||
| 7 | Prevent and detect security threats, fraudulent behavior or other malicious activities that could affect the data subject or the controller. | ||
| 8. | Select the content that will be communicated to the data subject. | ||
| 9. | Personalize the controller’s websites. | ||
| 10. | Conduct any type of research related to prospecting that, as a client, may be carried out regarding the personal data subject. | ||
| 11. | Offer or publish job opportunities and offers, as well as guidance and/or training opportunities. | ||
| 12. | Prepare studies, advertising or marketing campaigns, programs and statistics as necessary. | ||
| 1 | IDENTITY AND ADDRESS OF THE CONTROLLER |
| In accordance with the Federal Law on the Protection of Personal Data Held by Private Parties, the Controller responsible for collecting your personal data is the one indicated in the GENERAL INFORMATION ABOUT THE DATA CONTROLLER at the beginning of this document. The Controller hereby informs you of its privacy policy and the handling of personal data and will at all times ensure that the processing of your data is lawful, controlled and transparent, in order to guarantee their privacy. | |
| 2 | SCOPE OF THIS PRIVACY NOTICE |
| The Controller is a legal entity, fully exercising its rights and with all legal capacity and authority to provide services and assume all its obligations, including those arising from this instrument. The Controller is supported by a duly structured company with commercial processes, management structures and technical systems that may operate in different federal entities within the United Mexican States and abroad, in order to duly perform its functions. This Privacy Notice applies to all web platforms, including the websites, domains, services, web platforms, applications and products belonging to the Controller and its wholly owned subsidiaries (“Controller’s sites or services”), unless a specific privacy policy or statement for a particular product or service of the Controller supersedes or complements this Privacy Notice. The scope of this Privacy Notice and, in particular, the collection and obtaining of personal data may be carried out through the following means: e-commerce, mobile application, website, social media accounts, telephone and/or mobile phone cameras. | |
| 3 | PURPOSE OF THE PROCESSING OF THE DATA COLLECTED | |
| The personal data you provide will be processed for the purposes described below. | ||
Main Purposes | To identify, locate, contact you, provide services, follow up on contractual obligations, send you information and/or follow up on the commercial, employment and/or customer relationships that give rise to the transfer of the corresponding personal data. | |
| Secondary Purposes | If you do not wish your personal data to be processed for these additional purposes, you may, from this moment, submit an ARCO rights request, pursuant to the corresponding section of this Privacy Notice. | |
| Special Purposes | Marketing Advertising Commercial prospecting | |
| 4 | SENSITIVE PERSONAL DATA PROCESSED |
| CONSENT FOR THE PROCESSING OF SENSITIVE PERSONAL DATA | |
| The data subject freely and in an informed manner grants their consent for their sensitive personal data to be processed in accordance with this Privacy Notice. Such consent is given by the data subject through the click actions on the windows and buttons enabled for this purpose on the Controller’s website. | |
| 5 | TRANSFER OF PERSONAL DATA |
| We inform you that your personal data may be transferred to the individuals and/or legal entities indicated, in accordance with the purposes described in the TRANSFER OF PERSONAL DATA section. | |
| CONSENT FOR THE TRANSFER OF PERSONAL DATA | |
| The data subject freely and in an informed manner grants their consent for their personal and sensitive personal data to be transferred in accordance with this Privacy Notice. Such consent is given by the data subject through the click actions on the windows and buttons enabled for this purpose on the Controller’s website. | |
| 6 | EXERCISE OF ARCO RIGHTS AND REVOCATION OF CONSENT FOR THE PROCESSING OF PERSONAL DATA | |
| You have the right to know which of your personal data we hold, what we use them for and the conditions of their use (Access). Likewise, you have the right to request the correction of your personal information if it is outdated, inaccurate or incomplete (Rectification); to request that we delete it from our records or databases when you consider that it is not being used in accordance with the principles, duties and obligations set forth in the applicable regulations (Cancellation); and to oppose the use of your personal data for specific purposes (Opposition). These rights are known as ARCO rights. You may revoke the consent that you have granted us for the processing of your personal data. However, please note that we may not be able to process your request or immediately stop the use in all cases, as it is possible that, due to legal obligations, we may need to continue processing certain data. You should also consider that, for certain purposes, revoking your consent may mean that we will no longer be able to provide you with the requested services or sell you our products, which may result in the termination of our relationship. If you wish to exercise your ARCO rights (access, rectification, cancellation or opposition) regarding any personal data that you have provided to us, you may do so at any time by submitting your request through the MEANS TO EXERCISE ARCO RIGHTS indicated in this Privacy Notice. To this end, you must clearly inform us which personal data you wish to have rectified, cancelled or reviewed, the purpose for which you provided them and, where applicable, the name of the Controller to whom you submitted them, and generally comply with the requirements set forth in Article 29 of the Federal Law on the Protection of Personal Data Held by Private Parties. To exercise your ARCO rights, your request must include the following: A clear and concise written request, signed by you, specifying the data you wish to modify, either in printed or digitized form. A copy of an official ID, in printed or digitized form. For requests submitted via the internet, completion of the form made available for that purpose. Any situation, clarification or question regarding the interpretation or compliance of this Privacy Notice, as well as any matter related to the exercise of your rights, may be communicated to us through the means previously indicated. We inform you that the Controller does not regularly transfer data to third parties, except in cases where it is strictly necessary for the provision of a requested service or product. Any such third party will be independently and, where applicable, jointly responsible for giving the appropriate processing to the personal data to which it has access. HOW CAN YOU LIMIT THE USE OR DISCLOSURE OF YOUR PERSONAL INFORMATION? In order for you to limit the use and disclosure of your personal information, we offer the following: Your registration in the Public Registry to Avoid Advertising (Registro Público para Evitar Publicidad), managed by the Federal Consumer Protection Agency (PROFECO), so that your personal data are not used to receive advertising or promotions from goods or service companies. For more information, please consult PROFECO’s website or contact it directly. The Controller may modify this Privacy Notice at any time and will keep it available through this channel for your consultation. | ||
| Mechanisms to limit the use of personal data | Your registration in the Public Registry to Avoid Advertising, managed by PROFECO, so that your personal data are not used to receive advertising or promotions. | |
| 7 | COLLECTION OF INFORMATION AND/OR DATA THROUGH AUTOMATED MEANS |
| In addition to the information you provide, the Controller may collect information during your visit to our website through records in various social networks such as Facebook, Google, Instagram or Twitter and through automatic data collection tools, including forms, web beacons, cookies, Google Analytics or Ads, online quotation tools and integrated web links or applications. These tools collect behavioral or traffic information sent by your browser to a website, such as browser type and language, access times and the address of the website from which you arrived. They also collect information about your Internet Protocol (IP) address, your unique device identifier, your clicks (i.e., the pages you visit, the links you click and other actions taken in relation to the Controller’s websites). The Controller may also use some of these automatic data collection tools in certain email messages and/or communications sent from this website and, therefore, may collect information when you open an email or click on a link contained therein. The personal data obtained through these tracking technologies include: browsing time, time spent on our website, sections visited and websites accessed prior to ours. Likewise, when visiting our website we may request and collect other personal data such as age, gender or date of birth. This information is used to compile statistics on how many users visited our websites and which pages they accessed, allowing us to better tailor our products and services. The data obtained through the log files described above will not be transferred to any person other than this company or its employees or management. In such cases, they must handle your information in accordance with this Privacy Notice. HOW CAN I CONTROL WHICH COOKIES ARE PLACED ON MY DEVICE? You can decide whether to accept cookies. One way to do this is through your Internet browser settings. Most browsers allow some control over most cookies through their settings (note that if you use your browser settings to block all cookies, you may not be able to access certain parts or functions of our website). Adobe Flash Player is software used to view multimedia content. Websites that use Adobe Flash may store “Flash cookies” on users’ devices to remember settings, preferences and uses similar to other types of cookies. The Controller may use Flash to offer special content, such as video clips or animations. You can access Flash management tools directly from Adobe’s website. To opt out of Google Analytics and Adobe Analytics cookies on Intel websites, you may visit: Google Analytics: http://tools.google.com/dlpage/gaoptout Adobe Analytics: http://www91.intel.com/optout.html For more information about cookies in general, including which cookies have been set and how to manage and delete them, you may, at your sole discretion and responsibility, visit: www.allaboutcookies.org | |
| 8 | CHANGES TO THIS PRIVACY NOTICE |
| The Controller reserves the right to make modifications or updates to this Privacy Notice at any time, in response to legislative developments or internal policies. However, we remain committed to keeping you informed of any changes to this Privacy Notice. If changes occur, they will be published on the Controller’s website or, where appropriate, communicated by email with the relevant information. | |
| 9 | CONTROL AND SECURITY |
| The Controller undertakes to take the necessary measures to protect the information collected, using security technologies and access control procedures to prevent unauthorized access, use or disclosure of your personal data; for example, storing the personal information provided on servers located in data centers with restricted access controls. For online requests, we also use security technologies that protect the personal information transmitted through the different electronic means. However, no security or data transmission system that the Controller does not fully control and/or that depends on the internet can guarantee absolute security. Likewise, the Controller, its employees, representatives, subcontractors, consultants and/or third parties involved at any stage of the processing of Personal Data and/or Patrimonial or Financial Personal Data of the data subject must maintain confidentiality regarding such data. This obligation shall continue even after the relationship between the organization and the data subject has ended. | |