Notice of confidentiality

It is very important for us to be transparent about the data we collect, how we use such data and with whom we can share such data. In compliance with the Federal Law on Protection of Personal Data Held by Individuals, its Regulations and Guidelines of the Privacy Notice.

1. Responsible for Personal Data.

We inform you that NDS Cognitive Labs (hereinafter NDS) residing at Prolongación Reforma 1190, Tower B, 21st floor, Colonia Cruz Manca, Cuajimalpa Delegation, C.P. 05349, in Mexico City and website http://www.ndscognitivelabs.com is responsible for the use and protection of your personal data, which will be used for the identification, operation, administration and those treatments that are identified later, that are necessary for the provision of the services that you contract or to provide us with some service.

The privacy policies adopted by NDS are intended to allow you to decide freely and informedly about the treatment of your personal data.

In addition, we are in accordance with national and international guidelines on the correct treatment of personal data, derived from it our conscious Privacy Notice of article 16 of the Political Constitution of the United Mexican States where it is recognized that everyone has the right to protection of your personal data, access, rectification and cancellation, as well as to express your opposition in the terms established by law.

For the purposes of this Privacy Notice, the following terms will be understood.

The term "LFPDPPP" means Federal Law on Protection of Personal Data Held by Private Parties

The term "personal information" means any information about you by which you can be identified, directly or indirectly.

The term "ARCO Rights" (access, rectification, cancellation or opposition) Refers to exercising the right by its owner or representative regarding your personal data for what we use them and the conditions of use we give them (Access). Likewise, it is your right to request the correction of your personal information if it is out of date, inaccurate or incomplete (Rectification); that we remove it from our records or databases when it considers that it is not being used properly (Cancellation); as well as oppose the use of your personal data for specific purposes (Opposition), this may be requested before the person responsible for the Protection of Personal Data

The term "Services" refers to the technology products and services offered by NDS, such as Cognitive Computing, Artificial Intelligence, Big Data & Business Intelligence, Computer Security and Monitoring, Software and Network Infrastructure, Business Process Management.

2. Purpose of Processing of Personal Data.

NDS recognizes the importance of protecting your personal information and is committed to processing it responsibly and in accordance with applicable protection laws.

Your personal data will be used for the following purposes:

• Provide the requested services.
• Conclusion of Contracts for the provision of the Service.
• Invoice Issuance.
• Creation and update of the file.
• Comply with those obligations arising from the legal relationship between you as the owner of the personal data you provide us.
• Comply with the obligations and commitments that we have contracted with the Client or the Owner.
• To help with marketing and communication initiatives.
• Any other after-sales service that the company offers to its clients for the purposes of identification, promotion, sale, advertising, statistics, internal analysis, customer and consumer service.
• For the promotion and marketing of products and services.

We do it within the limits and in accordance with the instructions of the Clients in accordance with the terms and conditions of the Service.

Additionally, personal data may be used when we provide the Services to our Clients:

We collect the "account data" Customer, which is data that relates to the customer's relationship with NDS.

Within the Client's account, we collect billing information (such as the billing address, information about whether the customer is a legal entity or an individual subscriber, prepaid or postpaid, and more information if we are legally bound, and according to applicable law) , as well as the documentation of legal accreditation to celebrate any type of legal act.

When doing business with legal entities, we may collect personal data (such as name, business contact details, position in the company) related to their representatives and other personnel who will be our points of contact.

3. NDS services

NDS is an IT Service Provider charged with activating, accelerating and delivering talent and technology solutions.

Our Clients are mainly companies that integrate our Services into their business operations through their software applications. By using our Services, our Clients can send or exchange their communications with their end users using a specific Service designed to the needs and adjustments of each Client.

4. Options and Means to limit the Use or Disclosure of personal data.

At NDS we are aware of the importance of the processing of personal data, which is why all the personal data to which you have access will be treated under the strictest confidentiality, entering into agreements to safeguard, protect and preserve the information.

NDS implements reasonable physical, administrative, and technical security measures to help us protect your personal information from unauthorized access, use, and disclosure. With the understanding that the personal data to which we have access will always be treated in a responsible manner and limiting its use to the purposes established in this Privacy Notice.

In the event that we could have access to personal data of a direct owner and not of the Client to whom a service is provided, in order for the Owner to have a decision on their personal data, they must exercise the ARCO Rights, the Owner or his representative must submit a request for access, rectification, cancellation or opposition with the following information and documentation:

• Name of the Owner and full address or other means to communicate the response to your request;
• The documents that prove your identity (simple copy in printed or electronic format of your voter card, professional identification card with photograph, passport or FM-2 or FM-3 or current Immigration Form) or, where appropriate, the legal representation of the Holder (Simple copy in printed or electronic format of the simple power of attorney letter with autograph signature of the Holder, the representative and their corresponding official identifications - (voter credential, professional photo ID, passport, FM-2 or FM-3 or current Immigration Form );
• The clear and precise description of the Personal Data with respect to which you seek to exercise any of the ARCO Rights, except in the case of the right of Access, NDS COGNITIVE LABS Page 4 of 7 attaching, where appropriate, in electronic format the documents that they provide support your request.
  In the case of a request for access to personal data, you must indicate the mode in which you prefer that they be reproduced, in the case of requests for rectification of personal data, you must specify the modifications to be made and provide the documentation that supports your request; in relation to a cancellation request, you must indicate the causes that motivate you to request the deletion of your personal data and, in the case of the opposition request, you must state the legitimate causes or the specific situation that lead you to request the cessation in the treatment, as well as the damage or harm that the persistence of the treatment would cause, or, where appropriate, the specific purposes for which you need to exercise the right of opposition.
• Any other element or document that facilitates the location of the Owner's Personal Data.
  In the case of requests for rectification of Personal Data, the respective Holder must also indicate the modifications to be made and provide the documentation that supports his request.
  For the reception, registration and attention of requests to exercise your right of access, rectification, cancellation and opposition to your Personal Data, as well as to limit the use or disclosure of your data, and the other rights provided for in the Federal Protection Law of Personal Data in Possession of Individuals, a document duly signed by the owner or his legal representative may be presented, directly in our offices or send an email to the address: legal@ndscognitivelabs.com (This email account is only to receive ARCO rights exercise requests (any other type of request will not be attended), specifying that the legal area of NDS will be responsible for attending to your request.

In the event that your request does not meet any of the aforementioned requirements, a request for additional information will be made within 5 (five) business days of your request, in order to correct the omissions within a period of 10 (ten) business days counted from the day after the notification. Once the term has elapsed without preventing the prevention, the request to exercise the ARCO rights will be considered as not filed. In the event that the Holder meets the information request, the period for the person in charge to respond to the request will begin to run the day after the Holder has met the request.

Once this has been done, the Responsible Party or its Managers will respond to the respective Holder within a maximum period of 20 (twenty) business days, counted from the date on which the request for access, rectification, cancellation or opposition was received, the determination adopted, so that, if appropriate, it becomes effective within 15 (fifteen) days following the date on which the response is communicated to the Holder. In the case of requests for access to Personal Data, the Responsible Party or its Managers will proceed with its delivery after accreditation of the identity of the applicant or its legal representative, as appropriate. The aforementioned terms may be extended only in terms of the Federal Law on Protection of Personal Data Held by Private Parties, or may be extended once for an equal period, provided that the circumstances of the case justify it.

The delivery of the Personal Data will be free, it will only correspond to cover the justified shipping costs or the cost of reproduction in copies or other formats. In the event that the Owner reiterates his request in a period of less than 12 (twelve) months, he must cover the corresponding costs in terms of the Federal Law on Protection of Personal Data Held by Private Parties, the Federal Law on Rights and others Applicable regulations in this matter that the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI) issues for such purposes, unless there are substantial modifications to the Privacy Notice that motivate new queries.

For the purposes of requests for cancellation of Personal Data, in addition to the provisions of this Privacy Notice, the provisions of Article 26 of the Federal Law on Protection of Personal Data Held by Individuals, including cases of exception of cancellation of indicated Personal Data.

The presentation of a request for opposition to the use of Personal Data by the Holder thereof, will give the Responsible the power to oppose the use of Personal Data that as Holder has given to the opponent.

The contact details of the area responsible for personal data, which is in charge of processing requests for ARCO rights, are as follows:

Area responsible for personal data: Legal

Email: legal@ndscognitivelabs.com

Address: Prolongación Reforma 1190, Torre B, piso 21, Colonia Cruz Manca

Cuajimalpa Delegation, C.P. 05349, in Mexico City.

Telephone: +52 (55) 5081-2070 ext. 123 or 201

Office hours: 09:00 a.m. to 4:00 p.m., Monday to Friday. The exercise of ARCO rights will be free, and you as the owner must cover only the justified shipping costs or the cost of reproduction in copies or other formats. The aforementioned department will provide you with the necessary attention for the exercise of your ARCO rights and / or revocation of consent and / or limitation-disclosure of your personal data. In addition, it will ensure the protection of your personal data.

5. Transfer of Personal Data from Third Parties.

NDS uses security measures designed to protect against the loss, misuse and alteration of the information under our control. For certain NDS Services, chat / messaging messages / transcripts are encrypted during transmission. Access to this data is protected by multiple layers of controls, including firewalls, access controls, authentication and monitoring mechanisms.

In case of transfer of your data, the third party recipient will assume the same obligations that correspond to NDS for the treatment of personal data and the recipient will have a Privacy Notice. The Client should review the privacy practices to understand what security measures are used.

6. Client Consent

In accordance with the LFPDPPP, there are cases in which the Client's consent will not be required by the consent of the data owner in terms of the provisions of article 37 of the Federal Law on Protection of Personal Data Held by Individuals for the treatment of your personal data, so NDS will not require your authorization to process personal, financial or financial data for the fulfillment of the Purposes, necessary for the provision of NDS services.

It is also informed that you authorize NDS to use and transmit the information received for different purposes including quality of service in compliance with current legislation, among others. This in terms of the provisions of articles 109 of the Federal Law on Copyright and 16 of the Federal Law on Consumer Protection.

In turn, the aforementioned third parties assume our same obligations regarding the protection of their personal data and we promise that they will know our Privacy Notice before starting to use their Services.In case you do not agree, partially or totally , in which your personal data (except financial and patrimonial, which require your express authorization) are processed or transferred for the purposes provided in this Privacy Notice, we request that you notify your disagreement and disagreement to the email legal@ndscognitivelabs.com

7. Changes to the Privacy Notice

This Privacy Notice may undergo modifications, changes or updates derived from new legal requirements; of our own needs, for the products or services we offer; of our privacy practices; Changes in our business model, or other causes. NDS will notify of any changes to the privacy notice through its main site http://www.ndscognitivelabs.com

8. Right to Data Protection before INAI

Any complaint or additional information regarding the treatment of your personal data or doubts in relation to the Federal Law on Protection of Personal Data Held by Private Parties or its Regulations, may be directed to the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI).