DISRUPTIVE CITIES SAPI DE C.V., (hereinafter referred to as AIWIFI) with address in Colima, Roma Norte, Mexico City, Mexico, is responsible for the personal data you share with us. When we say “AIWIFI,” “we,” “our,” or “us,” we are referring to ourselves.

For us, the personal and sensitive personal data of our customers and potential customers (hereinafter “personal data”) are treated strictly privately and confidentially. The collection, processing, transfer, and exercise of the rights derived from such personal data are carried out through appropriate, legitimate, and lawful use, permanently safeguarding the principles of legality, consent, quality, information, proportionality, responsibility, loyalty, and purpose, in accordance with the provisions of the Federal Law on Protection of Personal Data Held by Private Parties, its Regulation, and secondary provisions.

COLLECTION OF PERSONAL DATA AND PURPOSES OF PROCESSING.

At AIWIFI, we are committed to building a strong and lasting relationship with our customers, based on trust and mutual benefit. Part of this commitment involves safeguarding and respecting your privacy. That’s why we define our privacy commitment and our entire privacy policy below.

OUR PRIVACY COMMITMENT

We will respect your privacy and choices.

We will ensure that privacy and security are integrated into everything we do.

We will not send marketing communications unless you request them. You can change your mind at any time.

We will never lend or sell your data.

We commit to keeping your data secure and safe. This includes working only with trusted partners.

We commit to being open and transparent about how we use your data.

We will not use your data in ways not informed to you.

We will respect all your rights and always try to fulfill your requests as far as possible, in accordance with our own legal and operational responsibilities.

For more information about our privacy practices, we outline below the types of personal data we may receive directly from you or from your interaction with us, how we may use it, with whom we may share it, how we protect and keep it safe, and your rights regarding your personal data. Of course, not all situations may apply. This privacy policy provides a general overview of all possible situations in which we may interact.

WHAT ARE PERSONAL DATA?

“Personal data” refers to any information or data that could directly (e.g., name) or indirectly (e.g., through data pseudonymization like a unique ID number) identify a person. This means that personal data includes aspects such as email addresses, physical addresses, phone numbers, usernames, profile pictures, personal preferences, and purchasing habits, user-generated content, financial information. It may also include unique numerical identifiers such as your computer’s IP address or your mobile device’s MAC address, as well as cookies.

WHAT DATA OF YOURS DO WE COLLECT AND HOW DO WE USE IT?

We may collect or receive data from you through our websites, forms, applications, devices, on social networks, or in any other way. Sometimes you provide it directly (e.g., when creating an account, contacting us), and sometimes we gather it (e.g., using cookies to understand how you use our websites/applications).

When we collect data, we indicate the mandatory fields with asterisks in the data that we need to:

Fulfill our contract with you (e.g., providing a service through our websites/applications);

Offer you a service you have requested (e.g., providing a newsletter); or

Comply with our legal obligations and/or commitments (e.g., billing).

If you do not provide the data marked with an asterisk, this could affect our ability to provide you with products and services.

Depending on the purpose for which the data is used, the legal basis for processing your data may be:

Your consent;

Our legitimate interest, which may include:

Improving our products and services: specifically, our business interests to better understand your needs and expectations and, therefore, improve our services, websites/applications/devices, products, and brands for the benefit of our consumers.

Fraud prevention: ensuring that payment is complete and free from fraud and misappropriation.

Assurance of our tools: keeping the tools you use (our websites/applications/devices) secure and safe and ensuring that they function properly and continuously improve.

Execution of a contract: specifically to carry out the services you have requested from us;

Legal basis: when the law requires processing.

Regarding the aforementioned personal data and sensitive personal data, they are guaranteed to be processed, either directly or indirectly through AIWIFI, its subsidiaries, affiliates, or related companies, and its third-party service providers with whom it has a legal relationship. They handle personal data on behalf of AIWIFI, as well as, where applicable, by competent authorities, for the purposes that originated and are necessary for the existence, maintenance, and fulfillment of the legal relationship with its consumers.

Additionally, AIWIFI may process your personal data for the following different or secondary purposes, which are not necessary for the existence, maintenance, and fulfillment of the legal relationship with our customers but allow us to provide you with better service:

Marketing, advertising, commercial prospecting, evaluation of our products and services.

Refusal to grant consent for the processing of your personal data for the aforementioned different or secondary purposes cannot be a reason for denying you the products or services derived from the acquisition of the products or services you purchase or contract with us.

It is important to mention that, in case AIWIFI intends to use your sensitive personal data for the secondary purposes described above, prior to their processing, it will request your express and written consent in accordance with the Federal Law on Protection of Personal Data Held by Private Parties, its Regulation, and other mandatory secondary provisions; otherwise, it will not use them for these purposes.

The personal data you provide to AIWIFI will be processed exclusively for the purposes described, treated confidentially, and only to the extent strictly necessary to fulfill the purpose for which they were collected.

To prevent unauthorized access to your personal data and to ensure that the information is used for the purposes set out in this privacy notice, we have implemented physical, electronic, and administrative procedures, using advanced technologies that limit the use or disclosure of your data, allowing us to process them properly and prohibiting any unauthorized extraction of information containing personal data from AIWIFI offices.

USE OF COOKIES, WEB BEACONS, OR OTHER TECHNOLOGIES

AIWIFI informs you that it may use mechanisms in remote or local electronic communication media, optical or other technology, such as cookies and web beacons, to automatically and simultaneously collect various data while you, as a customer or potential customer, make contact with them.

Cookies are data files stored on the hard drive of a user’s computer or electronic communication device when browsing a specific website, allowing the exchange of state information between that site and the user’s browser. The state information may reveal, in some cases, session identification means, authentication, or user preferences, as well as any other data stored by the browser regarding the website.

Web beacons are visible or hidden images inserted within a website or email, used to monitor user behavior on these media. Through these, information such as the originating IP address, browser used, operating system, time the page was accessed, and, in the case of email, the association of the above data with the recipient can be obtained.

Specifically, AIWIFI will use cookies and web beacons when sending emails with information related to the Brands because when you receive and

, if applicable, read any of our emails, through these technologies, we can collect the following data:

i) Know whether you opened the email we sent you; and

ii) Know whether you accessed the link(s) or URL(s) contained in the email.

The data obtained through these technologies will be used exclusively for the primary and secondary purposes indicated in this Privacy Notice.

Most browsers accept cookies automatically. However, it is possible to configure any browser to prevent it from accepting cookies and thus prevent your computer or device from storing them. Some browsers have a special mode that ensures the deletion of cookies after a visit. Consult your browser’s manual if you want to know the exact steps to activate the corresponding mode. You can delete cookies stored on your computer or device at any time.

TRANSFER OF PERSONAL DATA TO THIRD PARTIES.

Through this privacy notice, AIWIFI informs you that it may transfer your personal identification and contact data (non-sensitive) to national or foreign third parties, such as its subsidiaries, affiliates, or related companies and service providers with whom it maintains a legal relationship, for the following purposes:

Marketing, advertising, and commercial prospecting.

As a result, AIWIFI informs you that if you do not want your personal data to be transferred to the third parties mentioned in this section and for the purposes described here, you must send us an email to the address [email protected], in order to document this situation; otherwise, we will understand that you have expressed your full consent for their transfer on the terms specified.

Likewise, we inform you that in case AIWIFI intends to transfer your sensitive personal data to the third parties mentioned here for the purposes described above in this section, prior to their transfer, it will request your express and written consent, in accordance with the Federal Law on Protection of Personal Data Held by Private Parties, its Regulation, and other mandatory secondary provisions; otherwise, it will not use them for these purposes.

In this regard, AIWIFI informs you that, in accordance with the provisions of Article 37 of the Federal Law on Protection of Personal Data Held by Private Parties, it may transfer your personal data without your consent in the cases specified below:

When the transfer is provided for in a Law or Treaty to which Mexico is a party.

When the transfer is necessary for the prevention or medical diagnosis, the provision of health care, medical treatment, or the management of health services.

When the transfer is made to controlling companies, subsidiaries, or affiliates under the common control of the data controller, or to a parent company or any company of the same AIWIFI group that operates under the same internal processes and policies.

When the transfer is necessary due to a contract entered into or to be entered into in the interest of the data subject, by AIWIFI and a third party.

When the transfer is necessary or legally required for the safeguarding of public interest, or for the procurement or administration of justice.

When the transfer is necessary for the recognition, exercise, or defense of a right in a judicial proceeding.

When the transfer is necessary for the maintenance or fulfillment of a legal relationship between AIWIFI and the data subject.

MECHANISMS AND PROCEDURES FOR REVOCATION OF CONSENT TO THE PROCESSING OF PERSONAL DATA AND/OR EXERCISE OF ARCO RIGHTS.

You can revoke the consent you have given us for the processing of your personal data at any time, so that we stop using them. However, it is important to note that we may not be able to immediately respond to or conclude your request in all cases, as we may be required to continue processing your personal data due to some legal obligation. Also, you should consider that, for certain purposes, revoking your consent may mean that we cannot continue providing you with the service you requested or the termination of your relationship with us.

To revoke your consent, you must go to our offices and request the “Revocation of Consent Request Form,” accompanying this request with the documents proving your identity (official identification) or, where appropriate, from someone who legally represents you. You can also request this form through the email [email protected].

You have the right to access, rectify, cancel, or oppose the processing of your personal data (ARCO rights). In this regard, as the owner of your personal data, you have the right to know what personal data AIWIFI holds, what we use them for, and the conditions of use we give them (Access), as well as to rectify them if they are inaccurate, outdated, or incomplete (Rectification), instruct us to cancel them when they are excessive or unnecessary for the purposes described that justified their collection, consider that they are not being used in accordance with the principles, duties, and obligations provided for in applicable regulations (Cancellation), or oppose the use of your personal data for specific purposes (Opposition), in cases where the Federal Law on Protection of Personal Data Held by Private Parties allows it.

To exercise the ARCO rights mentioned in the previous paragraph, you can go to our offices and request the “ARCO Rights Request Form,” accompanying this request with the documents proving your identity (official identification) or, where appropriate, from someone who legally represents you. You can also request this form through the email [email protected].

AIWIFI will attend to your request within the stipulated times in applicable laws and will inform you of the consequences that must occur due to the exercise of your rights.

To know precisely the procedure established by AIWIFI for the revocation of consent regarding the processing of your personal data and/or regarding the exercise of ARCO rights, you can contact us through the email [email protected], where we will gladly inform you about the details of the procedure and requirements for the exercise of your rights.

If you believe that you have not received a response from AIWIFI or that the response you received is not satisfactory, you have the right to go to the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI) to file a data protection request within fifteen days following the date on which the deadline for AIWIFI to respond to your request expires in accordance with the Federal Law on Protection of Personal Data Held by Private Parties and its Regulation, or the response we have given to it.

MODIFICATIONS AND CHANGES TO THE PRIVACY NOTICE

This privacy notice may be modified or updated from time to time by AIWIFI. Such modifications will be informed to you through the sending of a communication to your email account, as well as through a publication on our website www.aiwifi.io, within 5 business days following its modification.

Last update date: July 1, 2023.