COMPREHENSIVE PRIVACY NOTICE AURORA TE ASEGURA
At Aurora te asegura, we are committed to protecting you and your loved ones. As part of this protection, we inform you that the personal data you provide is treated with absolute confidentiality, and we have sufficient security measures to ensure the protection of your personal data in compliance with the Federal Law on the Protection of Personal Data Held by Private Parties. Therefore, we make this Privacy Notice available to you.
I. IDENTITY AND ADDRESS OF THE DATA CONTROLLER
Aurora te asegura, located at Avenida Insurgentes Sur number 1457, floors 7 to 14, Colonia Insurgentes Mixcoac, Benito Juárez Borough, Mexico City, C.P. 03920.
II. PURPOSES OF DATA PROCESSING
The personal data we collect directly from you, from other sources permitted by law, or those generated from these or from the relationship we may establish, and which are necessary to provide you with financial services related to the contracting of insurance or those derived or ancillary to it, are used to identify you, verify your identity, evaluate your insurance application, analyze risks, operate, administer, process your claims, prevent fraud, and comply with obligations arising from any legal relationship we establish in accordance with applicable Insurance Legislation; generate statistical data; evaluate the quality of the service; and for secondary purposes to promote our financial products or services or those of our affiliates, subsidiaries, and related parties, by conducting advertising campaigns or for marketing purposes, profiling, creating personalized ads or notices, or similar purposes. For these purposes, we require your personal identification, employment, academic, and immigration data; your financial and patrimonial data; and your sensitive personal health data, physical characteristics, and biometric data, including, among others, fingerprints and facial recognition, for which we obtain your consent. We may use Artificial Intelligence technology for claim analysis, process automation, risk underwriting, product development, fraud prevention, marketing campaigns, chatbot use, personalizing and improving customer experience, and for training Artificial Intelligence models, among others. Aurora te asegura will implement mechanisms and safeguards consistent with a reasonable level of human control based on risk, in strict compliance with applicable laws and regulations. Interactions with Artificial Intelligence resources within Aurora te asegura are treated with the same rigor and commitment to privacy and security as the rest of our operations.
III. OPTIONS AND MEANS TO LIMIT THE USE OR DISCLOSURE OF YOUR PERSONAL DATA
If you do not want your data to be processed or transferred for secondary purposes, such as promoting financial products or services, we ask you to fill out the corresponding form, which you can request at contacto@aurorateasegura.com, and we ask you to carefully read the Privacy Preferences Rules, which detail the terms and scope of the request; or you may register directly with the Public Registry of Users (Reus) managed by Condusef, for which you can visit their website or contact them directly. If this privacy notice is not provided to you directly or personally, you have a period of 5 days to object to the processing and transfer of your data for the secondary purposes indicated, using the same means mentioned above.
IV. MEANS TO EXERCISE YOUR RIGHTS AND REVOKE YOUR CONSENT
You have the right to access, rectify, cancel, and object to the processing of your data, or you may revoke the consent you have granted us by requesting it in person at our data protection department at the address mentioned above or by sending an email to contacto@aurorateasegura.com, including the following with your request:
a) Your full name as the data subject, email address, address, or other means to communicate the response to your request;
b) Documents proving your identity or, where applicable, the identity and authority of your legal representative;
c) A clear and precise description of the personal data regarding which you seek to exercise any of the aforementioned rights, except for the right of access;
d) A description of the ARCO right you intend to exercise, or what you are requesting;
e) Any other element or document that facilitates the location of your personal data.
In the case of requests for rectification of personal data that are inaccurate, incomplete, or not up to date, you must indicate, in addition to the above, the changes to be made and provide the documentation supporting your request.
Aurora te asegura will notify you, within a maximum period of twenty business days from the date your request was received, of the decision made, so that, if appropriate, it becomes effective within the fifteen business days following the date the response is communicated to you. In the case of requests for access to personal data, delivery will be made upon verification of the identity of the requester or legal representative, as applicable.
The obligation to provide access to your information will be deemed fulfilled when the personal data is made available to you; or through the issuance of simple copies, electronic documents, or any other means. Aurora te asegura may deny access to personal data, or refuse rectification, cancellation, or opposition to their processing, in the following cases:
I. If you are the requester but not the data subject, or your legal representative is not duly accredited;
II. When your personal data is not found in our database;
III. When the rights of a third party would be harmed;
IV. When there is a legal impediment or a resolution from a competent authority restricting access to your personal data or prohibiting rectification, cancellation, or opposition; and
V. When the rectification, cancellation, or opposition has already been carried out.
In all the above cases, we will inform you of the reason for our decision and communicate it to you, or to your legal representative, as applicable, within the established deadlines, through the same means by which the request was made, accompanied, where appropriate, by the relevant evidence. For any questions about these rights, you can send us an email to contacto@aurorateasegura.com.
V. DATA TRANSFER
We may transfer your data to national or international third parties, such as government agencies, entities, or instances for legal purposes or by authority request; to healthcare providers to provide you with a service or process your claims; to the policyholder, broker, agent, or any third party related to or involved in the handling or operation of the insurance; to organizations, institutions, or entities in the insurance sector for fraud prevention and risk selection purposes; to the National Electoral Institute to verify that the data contained in the Voter ID and, where applicable, biometric data, match those held by the Institute, without implying any delivery of such data. To our controlling companies, parent company, subsidiaries, affiliates, and related parties for the administration of your insurance, coverage needs, and identification, for marketing, advertising, or commercial prospecting purposes; as well as to social networks and third-party platforms for advertising, prospecting, profiling, creating personalized audiences, or integrating you into similar audiences.
VI. CHANGES TO THE PRIVACY NOTICE
Changes or updates to this privacy notice are available, and you can review them periodically on our website www.aurorateasegura.com in the privacy policy section. This notice is based on the provisions of the Federal Law on the Protection of Personal Data Held by Private Parties and other applicable legislation.
COOKIES
A cookie is brief information that the website sends to your computer, which is stored on your hard drive. The next time you visit our website, we may use the information stored in the cookie to facilitate your use of our site. For example, we may use your cookie to store a password so you don’t have to re-enter it each time you move to a different section of our website. A cookie does not allow us to know your personal identity unless you expressly choose to provide it to us. Most cookies expire after a certain period, or you can delete them at any time by following your browser’s instructions. Likewise, you can set your browser to notify you when you receive a cookie so you can accept or reject it by following your browser’s instructions.
DEFINITIONS
For the purposes of this privacy notice, the terms mentioned have the meanings attributed to them as follows:
Personal identification data: full name, address, phone numbers, email, mobile phone, marital status, spouse’s name, cohabitant, or partner, handwritten and electronic signature, photograph, Federal Taxpayer Registry (RFC), Unique Population Registry Code (CURP), place and date of birth, age, names of relatives, economic dependents, and beneficiaries, among others.
Employment data: occupation, company or agency name, position, area or department, address, work phone, and email, extracurricular activities, work and personal references, among others.
Academic and immigration data: educational background, degree, professional license number, certificates, among others.
Financial and patrimonial data: movable and immovable property, credit history, income and expenses, bank accounts, insurance, pension funds, bonds, tax information, any type of granted guarantee, and contracted services, among others.
Sensitive personal health data: Includes, but is not limited to, information regarding general physical and mental health status, medical history, medical diagnoses, allergies, chronic or communicable diseases, physical or cognitive disabilities, prior surgical interventions, vaccination schedules, as well as the use of medical devices such as ophthalmological, orthopedic, or hearing aids. It also includes data related to psychological and/or psychiatric treatments, medical evaluations, clinical study results, and any other information that allows inferring present or past health conditions.
Physical characteristics: skin, iris, and hair color, distinctive marks; height, weight, build, blood type, DNA, fingerprint, among others.
Data subject: the individual to whom the personal data corresponds (also referred to hereinafter as “you” or “your”).
Processing: the collection, use, disclosure, or storage of personal data by any means. Use includes any action of access, handling, use, transfer, or disposal of personal data.
Controller: Aurora te asegura, which decides on the processing of personal data (also referred to hereinafter as “we,” “our,” or “us”).
Transfer: any communication of data to a person other than Aurora te asegura or the data processor.
Law: Federal Law on the Protection of Personal Data Held by Private Parties.
LAST UPDATE DATE: August, 2025.
