Privacy Policy

PRIVACY AND PERSONAL DATA PROTECTION POLICY

Last updated: September 08, 2025

Converforma, with address in Mexico (hereinafter, the Organization), is responsible for the processing of personal data it collects through the website https://converforma.mx, in compliance with the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations and other applicable provisions, as well as the principles of social responsibility, business ethics and protection of human rights established in SMETA.

1. Personal data collected

The Organization may collect personal data directly or indirectly through its website, including, but not limited to:

  • Full name

  • Company or corporate name

  • Position

  • Email address

  • Phone number

  • Information provided through contact forms or quote requests

  • Technical and navigation data, such as IP address, browser type, operating system, and behavior within the website

Sensitive personal data is not collected.

2. Purposes of the processing

The personal data will be used for the following primary purposes:

  • Respond to requests for contact, technical information, or quotes

  • Establish commercial or technical communication with clients and prospects

  • Follow up on commercial and contractual relationships

  • Comply with legal, regulatory, and contractual obligations

  • Accredit compliance and due diligence practices before internal, client, or third-party audits (including SMETA audits)

Additionally, the data may be used for secondary purposes related to statistical analysis, continuous improvement of the website, and strengthening of internal processes, without affecting the rights of the owner in any case.

3. Principles of processing

The processing of personal data is carried out under the principles of:

  • Lawfulness

  • Consent

  • Information

  • Quality

  • Purpose

  • Loyalty

  • Proportionality

  • Responsibility

In accordance with applicable law and the best international practices of social compliance.

4. Security measures

The Organization implements reasonable administrative, technical, and physical measures to protect personal data against damage, loss, alteration, destruction, or unauthorized use, access, or disclosure.

Access to personal data is restricted only to authorized personnel, trained and subject to confidentiality obligations.

5. Data transfer

The Organization does not transfer personal data to third parties without the consent of the owner, except in cases legally permitted or required by competent authority.

In the case of social, quality, or compliance audits (including SMETA), access to information will be strictly limited to what is necessary and under confidentiality obligations.

6. Use of cookies and similar technologies

The website may use cookies and similar technologies to improve the browsing experience, analyze the use of the site, and optimize its operation.

The owner can disable the use of cookies through their browser settings, without affecting general access to the site.

7. ARCO Rights

The owner of the personal data may exercise their rights of:

  • Access

  • Rectification

  • Cancellation

  • Opposition

By sending a request to the email address:
📧 [email protected]

The request must meet the requirements established by applicable law.

8. Data retention

Personal data will be retained only for the time necessary to fulfill the purposes described in this Policy or in accordance with applicable legal terms.

9. Modifications to the policy

The Organization reserves the right to modify or update this Privacy Policy at any time. Any changes will be published in this same section of the website.

10. Consent

The use of the website implies the consent of the owner for the processing of their personal data in accordance with the provisions of this Privacy Policy.

Certifications

Converforma ISO 9001 2015 Certificate
Converforma Certificate for FSSC 22000
Converforma SMETA Certificate