Privacy and Personal Data Protection Policy of the Websites
- www.mercosurglobal.org
- www.mercosurglobal.com
- www.globalmercosur.org
- www.globalmercosur.com
Any other subdomain or domain that uses the expressions “mercosurglobal” or “globalmercosur“, regardless of its extension (.org, .com, .net, .com.ar, .org.mx, etc.) and redirects to this same content.
CLAUSE (1). Definitions
Access: one or more User actions required: in the case of the Site, to Access the Site; or, in the case of a Third-Party Site, to open in accordance with the Internet protocol known as Hypertext Transfer Protocol (HTTP) or the Internet protocol known as Hypertext Transfer Protocol Secure (HTTPS) one or more HTTP or HTTPS connections, respectively, between the Internet address of such Third-Party Site and the Internet address of a device used by the User to open each such connection.
Site Access: the opening in accordance with the Internet protocol known as Hypertext Transfer Protocol (HTTP) or the Internet protocol known as Hypertext Transfer Protocol Secure (HTTPS) of one or more HTTP or HTTPS connections, respectively, between the Internet address of the Site and the Internet address of a device used by the User to open each such connection.
Activity on the Site: the use by the User of one or more features included and enabled on the Site.
Administrator: the following legal entity: Chamber of Commerce of Global Mercosur, with CUIT ________, registered in the Province of Buenos Aires by the Provincial Directorate of Legal Entities with No. ________ and with email at [email protected].
Public Authority: any legislative, executive or judicial body of national, provincial or municipal character.
Cookie: each digital file that meets the following requirements: (1) it is created by an Internet site accessed by the User for the first time; (2) it stores one or more data about the User (e.g., their access identification) and/or the User’s activity on that Internet site (e.g., selections made) for the purpose of facilitating the User’s access to that Internet site and activity on it at least a second time; (3) it is stored by the web browser that the User used to access that Internet site for the first time; and (4) it can be read only or read and modified by that Internet site if the User returns to that Internet site using the same web browser at least a second time.
Security Credential: one or more Personal Data and/or other data or information provided by a human being, by themselves or through computer software not previously and expressly authorized by the Administrator, to grant that human being a unique and unequivocal identity as a User.
Personal Data: any data owned by the User (including, without limitation, any data about the device used by the User to Access the Site —model, operating system, connection, etc.— and the User’s geographic location during their Stay on the Site) that meets the following requirements: (1) in accordance with Law 25326 the Administrator is not prohibited from collecting it from the User pursuant to the Personal Data Collection Clause; and (2) it is not publicly known at the time the Administrator collects it from the User pursuant to the Personal Data Collection Clause.
Law 25326: National Law No. 25,326 and Executive Decree No. 1,558/2001 of the national Executive Branch.
Remain on the Site: one or more actions by the User, on the Site and in accordance with the T&Cs, necessary to extend the Stay on the Site.
Stay on the Site: the time that elapses from, and including, Access to the Site until, and including, Exit from the Site.
Owner: the Administrator.
Exit from the Site: the closure pursuant to the Internet protocol known as Hypertext Transfer Protocol (HTTP) or the Internet protocol known as Hypertext Transfer Protocol Secure (HTTPS) of the single or, as applicable, the last HTTP or HTTPS connection, respectively, opened by Access to the Site.
Site: each digital file, empty or containing one or more texts (originals or authorized reproductions), images, videos, sounds, graphics, icons, logos, isotypes, trademarks, drawings, emblems, color combinations, combinations of letters and numbers, advertising phrases or other digital or digitized content (other than computer program instructions) and each computer program file (whether or not it uses one or more of the foregoing digital files) directly or indirectly associated by the Administrator with the Internet address corresponding to the domain names mentioned in the preamble hereto.
Third-Party Site: any Internet address different from the Site.
T&Cs: the Site's terms and conditions published in the “Terms and Conditions” (www.mercosurglobal.org/terminos) section of the Site.
User: any natural person who Accesses the Site, Remains on the Site and carries out Activity on the Site, on their own behalf or through a computer program not previously and expressly authorized by the Administrator, and each Necessary User; it is stipulated that Activity on the Site carried out with a Security Credential shall be considered carried out by the natural person who provided that Security Credential, on their own behalf or through a computer program not previously and expressly authorized by the Administrator.
Necessary User: any natural person who is the holder of or delegated parental responsibility or necessary representative, as applicable, of another natural person who Accesses the Site, on their own behalf or through a computer program not previously and expressly authorized by the Administrator, and who has not attained 18 (eighteen) years of age and is not emancipated by marriage or otherwise does not have legal capacity to Access the Site, Remain on the Site and carry out Activity on the Site in compliance with the T&Cs.
CLAUSE (2). Site Development
Each Site Access by the User automatically constitutes the User's unconditional consent for the Administrator to collect, on the Site and/or via email received from the User, one or more Personal Data for the following purposes unless the Administrator expressly indicates otherwise on the Site and/or by email sent to the User:
(a) improve the interaction between the User and the Site during the Stay on the Site; and
(b) prepare anonymous statistics (that is, not capable of enabling identification of the User) of the Site; and
(c) comply with an order from a Public Authority received by the Administrator; and
(d) manage and respond to requests, inquiries or communications made by the User through the Site.
CLAUSE (3). Collection of Personal Data
(a) The Site has been developed with respect for the User's privacy on the Internet and taking into account the Administrator's duty to protect, in accordance with Law 25326, any Personal Data that the User may transmit to the Site in connection with Access to the Site, Presence on the Site, Activity on the Site and Exit from the Site.
(b) This Privacy and Personal Data Protection Policy is part of the T&C and must be read and interpreted together with the T&C.
CLAUSE (4). Cookies
The Administrator must obtain from the User, on the Site and/or via email received from the User, the User's unconditional consent to store one or more Site Cookies on the device used by the User to Access the Site and to use such Site Cookies before storing them on that device.
CLAUSE (5). Security of Personal Data
(a) The Administrator will implement reasonable technical and organizational measures, in accordance with industry generally accepted standards, to protect Personal Data collected against unauthorized access, alteration, disclosure or destruction.
(b) Such measures may include, among others, the use of secure connections (SSL/TLS) for data transmission, storage of Personal Data on servers protected by firewalls, restriction of access to Personal Data only to authorized personnel, and the implementation of data backup and recovery procedures.
(c) Notwithstanding the foregoing, the User acknowledges and agrees that no system is infallible and that the Administrator does not guarantee the absolute invulnerability of the Site's security systems nor the absolute security of Personal Data.
CLAUSE (6). Storage of Personal Data
The Administrator will store the Personal Data in a database whose administration will be the exclusive responsibility of the Administrator at the following address: Av. Juan de Garay 140, Autonomous City of Buenos Aires.
CLAUSE (7). Management of Personal Data
The Personal Data that the Administrator collects in accordance with the Personal Data Collection Clause may be stored, processed and transferred exclusively by:
(a) the Administrator; and
(b) each natural or legal person with whom the Administrator enters into a contract for the transfer or assignment of one or more Personal Data; and
(c) each Public Authority that requires the Administrator to transfer or assign one or more Personal Data by judicial order and when there are founded reasons related to public security, national defense or public health.
CLAUSE (8). User Rights
(a) In accordance with Law 25326 the User may request from the Administrator with respect to one or more Personal Data:
(I) free access to such Personal Data every 6 or more continuous anniversary months from the date of the User's most recent requested access unless the User demonstrates a legitimate interest in accessing such Personal Data prior to the lapse of 6 continuous anniversary months from the date of the User's most recent requested access; and/or
(II) the updating of such Personal Data if they have become outdated due to changes in the User's circumstances; and/or
(III) the rectification of such Personal Data if they are inaccurate or incomplete; and/or
(IV) the blocking of such Personal Data; or
(V) the deletion of such Personal Data.
(b) Each User request under subsection (a) must be made by:
(I) a formal registered letter if the User requests access to one or more Personal Data items; or
(II) a simple letter, accompanied by a simple photocopy of their valid National Identity Document or passport, if the User requests the updating, rectification, blocking or deletion of one or more Personal Data items.
(c) The User must deliver or cause to be delivered the corresponding communication pursuant to subsection (b) exclusively to the Administrator's address indicated in the Clause on Storage of Personal Data.
(d) The Administrator's email address indicated in the Clause Definitions is not an electronic address for service and, consequently, any email containing or attaching a notice, communication or summons sent to that email address shall not be considered served on or received by the Administrator for any purpose related to the notice, communication or summons in question.
(e) The Administrator:
(I) shall not be obliged to respond favorably:
(1) a request for access, rectification and/or deletion of one or more Personal Data received from the User in accordance with subsection (a) if complying with the request in question would affect the protection of the defense of the Nation, public order and safety or the rights and interests of third parties; or
(2) a request for access to one or more Personal Data received from the User in accordance with subsection (a) subparagraph (I) if such request is not dated at least 6 (six) months after the date of the last request for access to Personal Data that the Administrator received from the User pursuant to subsection (a) subparagraph (I), unless the User reasonably demonstrates to the Administrator (at the Administrator's sole discretion) that they have a legitimate interest in accessing the Personal Data in question before the lapse of 6 (six) months from the date of that last access request; or
(3) a request for deletion of one or more Personal Data received from the User in accordance with subsection (a) subparagraph (V) if the requested deletion could cause harm to the rights or legitimate interests of third parties or prevent the Administrator from fulfilling a legal obligation to retain the Personal Data in question; and
(II) shall set out the grounds for each refusal under subparagraph (I) by means of a written communication addressed to the address the User provided in the rejected request.
(f) The Agency for Access to Public Information, in its capacity as the Supervisory Authority of Law 25326, is empowered to handle complaints and claims filed by those whose rights are affected by non-compliance with the applicable Personal Data protection rules.
CLAUSE (9). Amendments
(a) The Administrator:
(I) may, at its sole discretion, at any time and without prior, simultaneous or subsequent notice or explanation to the User, modify, in whole or in part, temporarily or permanently, this Privacy and Personal Data Protection Policy; and
(II) without prejudice to the provisions of subparagraph (I), may notify the User, on the Site and/or by email sent to the User, at the time and for the period that the Administrator determines in each case, of a modification, in whole or in part, temporary or permanent, of this Privacy and Personal Data Protection Policy.
(b) The User:
(I) will not be obliged to accept, in whole or in part, any amendment to this Privacy and Personal Data Protection Policy made by the Administrator; and
(II) must expressly state, on the Site and/or by email sent to the Administrator, at the time and for the period determined by the Administrator in each case, that they have read, understood and unconditionally and fully accepted the amendment to this Privacy and Personal Data Protection Policy as a prerequisite for Remaining on the Site and/or carrying out the Activity on the Site; and
(III) must refrain from Accessing the Site if they do not intend to comply with the provisions of sub-paragraph (II); and
(IV) must not Remain on the Site or carry out the Activity on the Site if they have not complied with the provisions of sub-paragraph (II).
(c) For the purposes of this Clause the Privacy and Personal Data Protection Policy is the one published by the Administrator on the Site during the User's Presence on the Site unless the Administrator expressly indicates otherwise on the Site and/or by email sent to the User.
CLAUSE (10). Third-Party Site
This Privacy and Personal Data Protection Policy does not apply to any Third-Party Site, whether prior to Access to the Site, during the Stay on the Site following Access to the relevant Third-Party Site through the User's use of one or more links to that Third-Party Site included and enabled on the Site to access such Third-Party Site, or after leaving the Site.
CLAUSE (11). Applicable Law
This Privacy and Personal Data Protection Policy is governed exclusively by the laws of the Argentine Republic.
