MGCS, S.C. (hereinafter “MGCS”), in compliance with the Mexican Federal Law on Protection of Personal Data Held by Private Parties (“LFPDPP”) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), is responsible for your personal data and is committed to ensuring that your personal information is protected and not misused. The processing of your personal data is carried out lawfully and in accordance with the principles of legality, purpose, loyalty, consent, quality, proportionality, information, and responsibility, established in Article 5 of the LFPDPP and is performed under the LFPDPP, based on the following grounds:
- The processing will be lawful, observing the principles of legality, purpose, loyalty, consent, and information (Art. 5).
- It will be carried out with your express or tacit consent, except for legal exceptions (Art. 7 and 9).
- We will respect your ARCO rights and the purposes established in this notice (Art. 13, 14 and 15).
The purpose of this privacy notice is to inform our prospects, clients, suppliers, candidates, and employees who maintain a labor or commercial relationship with MGCS about the data that MGCS may collect, the purposes of how we handle your personal data, the retention periods of your data, and other aspects of essential importance regarding your personal data and/or sensitive data.
INFORMATION OF THE RESPONSIBLE PARTY
MGCS, S.C.
Oxford No. 30, Col. Juárez, Cuauhtémoc, 06600, Mexico City
https://mgcs.ws | Email: [email protected]
MGCS has a Personal Data Protection Officer whose mission is to ensure compliance with the regulations in force regarding personal data protection. You can contact them at the following email and address: [email protected], Oxford No. 30, Col. Juárez, Cuauhtémoc, 06600, Mexico City
TYPES OF DATA COLLECTED AND CONSENT
In accordance with the provisions of the GDPR and the LFPDPP, by accepting this Privacy Notice, the Client and User PROVIDE THEIR informed, express, free, and unequivocal CONSENT to process the personal data collected through our website. MGCS collects personal data from its prospects, clients, and job applicants (hereinafter “Clients and Users”) through any lawful means: website, direct collection, emails, telephone calls, etc., for the correct provision of its services. MGCS collects the following information solely with the consent of its Clients and Users, and according to its legal and regulatory obligations:
- Identity data: last names, first names, date and place of birth, gender, marital status, nationality, photograph, CURP, copy of identity documents (ID card, passport, driver's license, residence permit);
- Contact data: professional/home address, telephone number, landline or cell phone, fax, email;
- Candidate data for a job position: curriculum vitae, cover letter, academic data, work references;
- Tax data: tax address, Federal Taxpayer Registry (RFC) number or tax identification number for foreigners; FIEL (electronic signature), passwords for the SAT portal, current and prior years' tax returns;
- Accounting data: accounting files, accounting backups, accounting books;
- Bank data: bank account details, credit history, online banking passwords, statements, withdrawals, transfers, direct debits, card payments, payment methods;
- Economic status and socio-professional situation data: socio-professional category, income level, assets;
- Family data: copy of marriage certificate, birth certificate, death certificate;
- Corporate data: Articles of Incorporation, Powers of Attorney, Notarial Instruments, corporate books;
- Public data and social networks: data from publicly accessible sources, social networks (if necessary), third-party references;
- Minors' privacy: Unless the parents or guardians give consent, we will not perform acts with minors or approve job applications or derived services. However, we may handle minors' personal data for various procedures with prior authorization from parents or guardians;
- Sensitive data: We may request sensitive data from our employees such as chronic illnesses, blood type, or allergies to prevent activities that put their health at risk and to provide first aid support if needed. These essential data are collected exclusively for the employment relationship and will be treated solely for the purposes established in this Privacy Notice.
These data are collected by MGCS when information, quotes, or applications are requested, or when a product, operation, or service is offered or contracted. The data will be updated throughout the relationship with Clients and Users. Clients and Users guarantee that the data provided are true, accurate, complete, and up to date, being responsible for any direct or indirect damage or prejudice caused as a result of breach of such obligation, beyond their right to rectification. If a Client or User provides data of third parties, they will be responsible for complying with all applicable data protection regulations. The refuse to communicate all or part of these data may imply the impossibility of continuing the commercial or work relationship with MGCS. MGCS cannot guarantee the absolute invulnerability of systems, therefore, it assumes no liability for damages derived from alterations caused by third parties in computer systems or files.
CONTACT FORMS AND JOB BOARD
The data collected in the contact forms (mandatory name and email address) and job board on our website are not registered in an automated file.
PURPOSE OF PERSONAL DATA PROCESSING
According to applicable regulations, all processing carried out by MGCS answers to specific, explicit, and legitimate purposes. These purposes are indispensable to answer your requests/emails as prospects, candidates, and for the conclusion and execution of our services, or for compliance with our legal and regulatory obligations:
Purposes that do not require the User's consent (Primary purposes)
Contractual and pre-contractual purposes
- To be contacted in case a candidate's profile is of interest to MGCS;
- Regarding employees, to comply with the terms and conditions of the employment relationship;
- Grant social and legal benefits, provide training and promotions based on skills, and maintain a backup archive of compliance with obligations;
- Protect the security and integrity of people within our facilities;
- Conclusion and execution of quotes;
- Provision of accounting, tax, and legal services, and their invoicing;
- Comply with the terms and conditions regarding any general legal relationship that exists or will exist with our Clients and Users.
Legal and regulatory purposes
- Verification and confirmation of the identity of our Clients and Users;
- Execution of accounting, contractual, tax, social security, and legal obligations of our Clients and Users, including procedures before authorities such as SAT, IMSS, INFONAVIT, among others;
- Risk assessment and management for compliance with legal or regulatory obligations;
- Security and fraud prevention;
- Anti-money laundering compliance;
- Management of tax, social, and legal declarations of our Clients;
- Regarding our workers, comply with tax, labor, and social security regulations, even after the termination of the employment relationship.
Purposes that do require the user's consent (Secondary or non-essential purposes)
Legitimate purposes
- Notify about new services of MGCS related to those already contracted, if you are a client;
- Communicate changes in our services;
- Conduct periodic evaluations of our services to improve quality;
- Offer exclusive benefits that might be of interest due to your relationship as a client, employee, or applicant;
- Commercial, marketing, and statistical actions;
- Management of social media content;
- Sending newsletters about current regulations, among other topics.
The data processing performed by MGCS includes evaluation, analysis, use, management, handling, transfer, storage, access, and any other analogy necessary for MGCS.
RECIPIENTS OF PERSONAL DATA
In terms of applicable legislation, MGCS may transfer personal data to domestic third parties distinct from the manager only when necessary for compliance with the purposes stated in this privacy notice and as provided by law. In such cases, the third-party recipient will be informed of the content of the privacy notice and will assume the same obligations as MGCS. Transfers that require express consent will be identified and submitted for authorization.
RETENTION PERIOD OF PERSONAL DATA
MGCS retains personal data only to fulfill the purposes defined in this Privacy Notice and to comply with legal or regulatory obligations. Personal data of clients, communications, employee records, prospect files, and documents relating to payroll are retained for a period of 5 to 10 years from the expiration of the contract, termination of commercial or labor relations, or from the last contact, in accordance with applicable Mexican tax legislation. Regarding newsletters, data will be kept until the consent is withdrawn.
DATA SECURITY
The information generated, handled, and stored in the firm's equipment during the normal development of its activities is the property of the client and User and the responsibility of MGCS. MGCS has adopted administrative, technical, and physical security measures necessary to protect Personal Data against damage, loss, alteration, destruction, or unauthorized use.
INTERNATIONAL DATA TRANSFER
MGCS will not transfer personal data of Clients or Users to third parties located outside the European Union.
COOKIES
Our website https://mgcs.ws does not permit the use of cookies.
LIMITATION OF USE OR DISCLOSURE OF PERSONAL DATA, REVOCACIÓN DEL CONSENTIMIENTO Y EJERCICIO DE DERECHOS DE ACCESO, RECTIFICACIÓN, CANCELACIÓN Y OPOSICIÓN
As the owner of your personal data, you have the right to: (i) access your personal data held by MGCS, (ii) rectify them if they are outdated, inaccurate, or incomplete, (iii) cancel them when you consider they are not being used in accordance with principles, or (iv) oppose their processing for specific purposes. These are known as "ARCO Rights." You may also limit the use or disclosure of data or revoke given consent.
EXERCISE OF RIGHTS
You may exercise your rights in writing at our address, or by email to [email protected], accompanying your request with identity documentation, a clear description of the data and rights you wish to exercise, and a signature. MGCS will issue a response within a maximum of 20 business days from receipt.
CONFIDENTIALITY IN THE PROCESSING OF PERSONAL DATA
The Responsible party, the Data Protection Officer, and any third parties involved in any phase of processing are obliged to maintain the strictest confidentiality regarding personal data. This obligation subsists even after the termination of the relationship without any time limitation.
AMENDMENT TO THE PRIVACY NOTICE
MGCS reserves the right to make changes or modifications at any time to this Privacy Notice due to new legal requirements or our own needs. We commit to keeping you informed through our website: https://mgcs.ws
ACCEPTANCE
You, as the owner of the personal data referred to in this Privacy Notice, accept that you have read and understood it. Date of last update published: April 8, 2025.
