Privacy Notice for Member Companies
Data Processing Responsibility
Monterrey Aerocluster A.C. (hereinafter, “the Cluster”), located at Av. Fundidora 501-95A, Col. Obrera, Monterrey, N.L. 64010, is responsible for processing personal data provided by members, collaborators, and third parties, in accordance with the principles of lawfulness, consent, information, quality, purpose, loyalty, proportionality, and responsibility. This notice complies with the Federal Law on Protection of Personal Data Held by Private Parties and international data protection standards.
Purposes of Data Processing
Personal data will be used for the following purposes:
- To formalize and maintain the membership or collaboration relationship with the Cluster.
- To provide services and benefits derived from membership, including events, training, and business opportunities.
- To facilitate communication about relevant activities and projects.
- To monitor and improve the quality of services through satisfaction surveys and metric analysis.
- To comply with internal and external audits, as well as local and international regulations related to data protection and operational processes.
- To generate statistical reports and internal analyses for strategic decision-making without compromising data subjects’ identities.
- To communicate activities, opportunities, events, and newsletters.
- To fulfill applicable legal and contractual obligations.
Data Transfer and Storage
Personal data may be transferred and stored in secure management systems, including, but not limited to, Zoho One and Microsoft 365, which implement enterprise-level security controls. In the case of international transfers, we will apply standard contractual clauses to ensure data protection.
Data Protection and Confidentiality
The Cluster is committed to the complete confidentiality of the information and personal data of member companies, ensuring that data will not be disclosed, transferred, or shared with third parties without the express consent of the company or unless required by law. The company’s confidential information will be protected at all times and will not be used for any purpose other than the membership relationship.
To protect personal data, we implement administrative, technical, and physical security measures to prevent its loss, alteration, destruction, access, or unauthorized use. Although we take all necessary measures, we cannot absolutely guarantee that our systems will be free from attacks or unauthorized access.
Rights to Access, Rectification, Cancellation, and Opposition (ARCO)
Data subjects have the right to access, rectify, cancel, oppose the processing of their personal data, and request data portability. To exercise these rights, they must submit a request via or at our offices at the address provided.
The request must include:
- The full name of the data subject and contact details.
- A description of the personal data for which any ARCO rights are sought.
- Documents that prove identity or legal representation, as applicable.
Limitation of Liability in Case of Breach or Hack
In the event of unauthorized access or a security breach, the Cluster commits to:
- Notify the data subjects within 72 hours of detecting the breach.
- Implement measures to contain and mitigate the effects of the breach.
- Provide affected data subjects with a report on the breach, the scope of compromised data, and corrective actions.
The Cluster will not be liable for damages arising from hacking or unauthorized access beyond our reasonable control. Data subjects acknowledge the inherent risks of storing and processing data on technological platforms.
Modifications to the Privacy Notice
The Cluster reserves the right to modify this privacy notice to reflect legislative changes or new security practices. Modifications will be communicated via notification to data subjects’ emails or on our website, www.monterreyaerocluster.com