Aviso de Privacidad

PRIVACY NOTICE

PRIVACY NOTICE FOR USERS OF THE “DILEMMA” APPLICATION

Dilemma Social Network SA de CV with address at Pedernal, number 543, Colonia Jardines del Pedregal, CP 01900, Alcaldía Álvaro Obregón, Mexico City, Mexico, in its capacity as a subject regulated by the current Federal Law on the Protection of Personal Data Held by Private Parties (hereinafter the «Law»), in compliance with the same and other applicable regulations, makes you aware that it is the Responsible Party (identified as such hereinafter) to decide on the purposes and means of the processing of your personal data, informing you of the conditions and generalities under which this will be carried out, through this Privacy Notice, in relation to the use of the «DILEMMA» application (called the «Application») and the services it offers, with the purpose of guaranteeing the protection of your privacy, in accordance with the following:

1.- Collection of personal data.

The personal data of the user who registers in the «Application» corresponds to the categories of personal identification and contact data, including:

Name of the owner.
Email address.

Please be advised that no sensitive personal data is required for processing by the Controller.

2. Purposes of the processing of personal data

The personal data collected from the user of the «Application» will be processed by the Controller for the following purposes:

Primary purposes. Those necessary for the existence, maintenance and fulfillment of the service offered by the “Application”.

Register and create an account in the aforementioned “Application” for user identification.
Manage and manage everything related to your interactions.
Provide information about the services offered and respond to requests related to these services.
Obtain statistical information on the dilemmas posed by dissociating the data for analysis and evaluation.
Operate and improve services.
Check account security and safety.
Comply with the obligations set forth in current regulations applicable to the services provided, including those related to the prevention of identity theft and/or fraud and/or money laundering.
Respond to judicial or administrative requests from any competent authority.
Report on changes, improvements, and updates to the services and related legal documents.

Secondary purposes. Those that are incidental to the primary purposes because they are not essential for the existence, maintenance, and fulfillment of the service offered by the «Application,» but which allow it to be improved or expanded.

Establish contact for marketing, advertising, commercial prospecting, and quality purposes regarding the Controller’s services.
Conduct mass data analysis for profiling activities based on information provided by the user and information obtained from their behavior and preferences derived from the use of the «Application.»
Conduct research and satisfaction surveys to measure various aspects and/or assess service quality.

3.- Means of opposition to secondary purposes.

The user of the «Application» who wishes to oppose the processing of his or her personal data for secondary purposes may do so at any time by sending his or her request to the email addressaudit@dilemmaapp.com, specifying which of them.

Opposition to the use of personal data for secondary purposes will not be grounds for termination of the service, nor will it suspend the processing of personal data for primary purposes.

4.- Transfers of personal data.

Please be advised that the Controller may transfer the personal data collected from the user to the following third parties for the purposes indicated:

Regulatory bodies and/or federal, state, and/or municipal public administrations authorized to request personal data for the purpose of complying with regulatory, informational, transparency, and/or identity theft, fraud, and/or money laundering prevention obligations.

Judicial or administrative authorities, or any other authority with the authority to request personal data to comply with information requests and/or legal obligations arising from duly substantiated and motivated acts.

The aforementioned transfers are exempt from the expression of consent of the person holding the personal data in accordance with Article 36 of the Law.

5.- Means to exercise the Rights of Access, Rectification, Cancellation or Opposition (ARCO Rights).

The data subject, or their legal representative, may exercise their rights of access, rectification, cancellation, or objection (ARCO Rights) in accordance with the law, without distinction, without having to exhaust any of them first.

The right of access allows the data subject to know the personal data held by the Controller, as well as information related to the conditions and general details of its processing.

The right to rectification allows for the correction of personal data when it is inaccurate, incomplete, or outdated.

The right to erasure of personal data, when appropriate, allows for its deletion from the Controller’s files, records, files, and systems, subject to a blocking period equivalent to the statute of limitations for actions arising from the legal relationship underlying the processing, in accordance with applicable regulations, so that the data are no longer in the Controller’s possession.

The right to object allows the data subject, for legitimate reasons, to demand the cessation of the processing of personal data whenever one of the conditions provided for in the Law for such processing occurs, except in cases where its use is necessary for compliance with a legal obligation imposed on the Controller.

The request to exercise ARCO rights must be sent to the email addressaudit@dilemmaapp.com, which must contain and be accompanied by the following:

The name of the holder and his or her address or any other means of receiving notifications.
Documents proving the identity of the holder, such as a copy of their current official identification (INE, passport, or professional license) or, where applicable, the personality and identity of their representative, providing these same identification documents plus the document proving said representation.
A clear and precise description of the personal data for which you wish to exercise any of the ARCO rights, unless it concerns the right of access.
The description of the ARCO right that is intended to be exercised, or what the holder requests, attaching the corresponding documents.
Any other element or document that facilitates the location of personal data.

The Controller shall inform the data subject, within a maximum period of twenty (20) business days from the date on which the request was received, of the decision taken, so that, if appropriate, it may be made effective within fifteen (15) business days following the date on which the response is communicated. The aforementioned deadlines may be extended only once for an equal period, provided that the circumstances of the case justify it.

In the case of requests to exercise the right to access personal data, delivery will be made upon verification of the identity of the data subject or legal representative, as appropriate. Access to personal data, if requested, will be provided through physical or digital means.

The exercise of ARCO rights is free of charge; the data subject is only responsible for the costs of reproduction, copying, or shipping. If the data subject provides a magnetic or electronic medium, or any other mechanism necessary to reproduce their personal data, such data will be provided free of charge.

6.- Expression of consent, its revocation or limitation of the use and/or disclosure of data.

In accordance with the Law, the implied consent of the data subject is applicable due to the type of personal data collected for the use of the «Application», which is understood to be granted when, having been provided with this Privacy Notice, the data subject does not express his or her will to the contrary.

However, if the data subject wishes to revoke his or her consent to the processing of his or her personal data, or to limit its use and/or disclosure, he or she may submit his or her request through the email accountaudit@dilemmaapp.com, indicating the case you wish to carry out, following the same procedure provided in the ARCO Law section both to prove your identity and to obtain a response.

If the restriction on the use and/or disclosure of personal data is appropriate, the Controller will register it on the exclusion list enabled for this purpose.

7.- Compliance with confidentiality and security duties.

The Controller will maintain the confidentiality of the personal data it collects, ensuring that it has the necessary controls and mechanisms in place to ensure that all those involved in any phase of its processing comply with this obligation.

Likewise, you are informed that the Controller has sufficient security measures in place to protect the user’s personal data against damage, loss, alteration, destruction, or unauthorized use, access, or processing.

8.- Use of cookies, web beacons or other similar technologies in the “Application”.

Please note that the Controller may use «cookies,» «web beacons,» or other similar technologies to monitor Internet user behavior.

For the purposes of this Privacy Notice, «cookies» are identified as text files containing information that a web portal transfers to the user’s computer hard drive in order to store certain records and preferences, which can be disabled directly by the user in the browser, with the understanding that doing so may prevent access to certain content or affect the performance and/or operation of the site.

9.- Changes to the Privacy Notice.

The Controller may make changes to this Privacy Notice at any time, which will be made known through the «Application» and its publication on the website.https://dilemmapp.mx

Privacy Notice updated in accordance with the Federal Law on the Protection of Personal Data Held by Private Parties, published in the Official Gazette of the Federation on March 20, 2025.