In compliance with the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) and its Regulations, as well as the Privacy Notice Guidelines, and other applicable laws and provisions, this privacy notice is issued to guarantee the privacy and the right to informational self-determination of users, clients, suppliers, service providers, personnel, and/or, in general, any person who voluntarily shares or transmits their personal data (hereinafter the Data Subject or Data Subjects) to Siemens Servicios Comerciales, S.A. de C.V. SOFOM ENR (hereinafter SIEMENS SOFOM) by any means.
I. Identity and address of the data controller. SIEMENS SOFOM, located at Avenida Ejército Nacional number 350, 2nd floor, Colonia Polanco V Sección, Miguel Hidalgo Borough, Mexico City; SIEMENS SOFOM is solely responsible for obtaining, using, storing, and disclosing the personal data of the Data Subjects, in accordance with the provisions of this Privacy Notice. As the data controller, SIEMENS SOFOM guarantees the proper use, protection, and confidentiality of said data, observing at all times the principles of lawfulness, consent, information, quality, purpose, loyalty, proportionality, and accountability, as established in the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) and its Regulations.
II. SIEMENS SOFOM's corporate purpose is the regular and professional performance of credit granting, leasing, and factoring activities, as provided for in Article 87-B of the General Law of Auxiliary Credit Organizations and Activities.
III. Personal data to be processed. For the fulfillment of its corporate purpose and the development of the objectives described in the first paragraph of Section IV of this Privacy Notice, SIEMENS SOFOM will collect from the Data Subject, including but not limited to, the following personal data and sensitive personal data, in accordance with the classification contained in sections V and VI of Article 2 of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), hereinafter collectively referred to as Personal Data:
Personal data of natural persons: full name, address(es), telephone number(s) (mobile, landline, and alternate), email address, Unique Population Registry Code (CURP), place and date of birth, gender, marital status, nationality, tax address, digitized signature, Federal Taxpayer Registry (RFC), voter registration number (INE), social security number, employment information (type of employment, employer's name, and work telephone number).
Personal data of legal entities: Company name or business name, Trade name (if applicable), Taxpayer Identification Number (RFC), Date and place of incorporation, Public deed number and notary public, Corporate purpose, Tax address and other registered addresses, Contact telephone numbers (landline, alternate, corporate), Institutional email address, Employer registration number with the Mexican Social Security Institute (IMSS) (if applicable), Registration in public registries, Advanced electronic signature (FIEL/e.firma)
Sensitive personal data: economic and financial information such as credit reports, monthly income and expenses, and bank account information.
In the case of sensitive personal data, SIEMENS SOFOM will require the express written consent of the Data Subject for its proper processing, in accordance with the provisions of Article 8 of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP).
IV. Necessary Purposes of Personal Data Processing. The Personal Data collected by SIEMENS SOFOM will be used to carry out the essential activities that allow establishing and fulfilling the obligations arising from the legal relationship with the Data Subject:
1.- Verify, confirm and validate the identity of the Holder.
2. - Obtain the duly signed authorization forms to request Credit Reports from Credit Information Companies (hereinafter referred to as SICs )
3.- Check your credit history with the SICs .
4.- Integrate the file and evaluate the risk profile and creditworthiness of the Holder.
5.- Incorporate personal data into the legal documents required for the formalization of contracts, as well as in those accessory legal documents.
6.- To provide the Holder with the contracted services.
7.- To enter into the corresponding contract(s) with the Owner.
8.- Request identification, asset and financial documentation for updating the Holder's file.
9.- To fulfill the obligations agreed upon in the contracts entered into.
10.- To modify, where appropriate, the contracts and/or other accessory legal documents, as well as to assign or transfer to a third party, by any legal means, the rights and obligations derived from said contracts.
11.- Carry out collection procedures.
12.- Identify and prevent possible illegal conduct that could constitute a violation of current legal provisions;
13.- Comply with the obligations established in the applicable laws.
14.- Make notifications related to the contracted services.
15.- To handle claims, complaints, questions, comments and other requests related to the contracted services.
It is stated that the data provided by the Holder to SIEMENS SOFOM will not be used for purposes
advertising or marketing.
V. Transfer of Personal Data. The Holder's personal data may be transferred and processed by persons other than SIEMENS SOFOM within and outside the national territory, for the purposes established in this Privacy Notice, as well as to comply with legal obligations to the Holder and to the authorities of the countries in which it operates. In this regard, the Holder's information may be shared with: (i) employees, parent companies, holding companies, affiliates or subsidiaries of SIEMENS SOFOM, ( ii ) service providers that have entered into a contract with SIEMENS SOFOM, ( iii ) public bodies, public administrations (federal, state or municipal), commissions, institutes and/or regulatory entities for compliance with information, transparency and money laundering prevention obligations (CONDUSEF and CNBV), as well as for compliance with judicial or administrative requirements issued by competent authorities, ( iv ) bodies, entities or authorities abroad for compliance with requirements or requests with effects in Mexican territory, or enforceable under International Treaties to which Mexico is a party, (v) Credit Information Societies and (vi) legal and financial advisors of SIEMENS SOFOM.
Based on the provisions of Article 68 of the Regulations of the LFPDPPP and Article 35 of said Law, the Holder expressly consents to and authorizes any transfer of his Personal Data that SIEMENS SOFOM makes to any of the companies and/or entities listed in the previous paragraph; SIEMENS SOFOM guarantees that the transfers made will comply at all times with the provisions of the LFPDPPP, its Regulations and this Privacy Notice.
VI. Mechanisms, means and procedures to exercise ARCO Rights (Access, Rectification, Cancellation and Opposition). At any time and when legally applicable, the Data Subject has the right to access, rectify and cancel their Personal Data, to oppose its processing, and to limit its use or disclosure.
For this purpose, the Data Subject must send a written request to SIEMENS SOFOM via email to daniela.sanchez-rello@siemens.com. This request must meet the following requirements: (i) the Data Subject's full name, address, or other means of communicating the response to their request; ( ii ) documents proving their identity or, if applicable, the Data Subject's legal representation, such as a voter ID card, passport, or driver's license; ( iii ) a clear and precise description of the Personal Data with respect to which the Data Subject seeks to exercise any of their ARCO rights; ( iv ) a description of the ARCO right they intend to exercise, or what the Data Subject is requesting; and (v) any other element or document that facilitates the location of the personal data. In the case of requests for rectification of personal data, the Data Subject must also indicate the modifications to be made and provide the documentation that supports their request.
Upon receipt of the request with all the aforementioned requirements, SIEMENS SOFOM will have a maximum period of 20 (twenty) business days from the date the request for the exercise of ARCO rights was received, to notify the Data Subject of the decision adopted, so that, if applicable, it may be implemented within 15 (fifteen) days following the date the response is communicated. The aforementioned periods may be extended once for an equal period, provided that the circumstances of the case justify it. If the information provided in the request is insufficient or incorrect, or if the necessary documents are not included, SIEMENS SOFOM may, within five (5) business days of receiving the request, require the Data Subject to provide the necessary information or documents to process it. The Data Subject will then have ten (10) business days to respond to the request, starting from the day after receiving it. If no response is received within this period, the request will be considered withdrawn, without liability for SIEMENS SOFOM. However, the Data Subject may resubmit the request at any time. SIEMENS SOFOM will respond via the method indicated in the request.
VII. Revocation. The Holder may revoke the consent granted to SIEMENS SOFOM for the processing of his Personal Data at any time, without retroactive effects, in those cases in which such revocation does not imply the impossibility of fulfilling obligations derived from a current legal relationship between the Holder and SIEMENS SOFOM.
The Data Subject acknowledges that, for certain purposes, the revocation of their consent will mean that SIEMENS SOFOM will no longer be able to provide the service for which it was contracted, or alternatively, the termination of the existing relationship between the parties. The procedure for revoking consent, if applicable, will be the same as that established in section VI above for exercising ARCO rights (Access, Rectification, Cancellation, and Opposition).
VIII. Options and means for limiting the use or disclosure of Personal Data. The Data Subject may request SIEMENS SOFOM to limit the use, disclosure and/or transmission of their personal data contained in electronic media and physical documents by sending an email to daniela.sanchez-rello@siemens.com or by calling 56 41 73 84 65 from Monday to Friday from 9:00 a.m. to 6:00 p.m., on business days.
The contact method indicated in the previous paragraph may also be used by the Holder to request information, present doubts or clarifications related to the processing of their personal data, as well as to receive the corresponding support and attention from the Responsible Party.
Similarly, the Data Subject may send a request to the same email address when they wish to access, rectify, or correct their personal data that is inaccurate, incomplete, or outdated. SIEMENS SOFOM will issue the corresponding response within a period not exceeding 20 business days. The Data Subject will have the right to cancel their personal data at any time, in accordance with the provisions of the Law.
IX. Modifications to the Privacy Notice. SIEMENS SOFOM may modify, update, extend, or otherwise change the content and scope of this Privacy Notice at any time and at its sole discretion. In such case, SIEMENS SOFOM will immediately notify the Data Subject of these changes through the website: https://www.siemens.com/es-mx/products/financial-services/
In the event that the modifications involve substantial changes in the purposes of the processing of personal data, in the transfers carried out or in the mechanisms for obtaining consent, the express authorization of the Data Subject will be requested again.
The modifications will come into effect upon publication, except for those that require express consent, in which case they will only be applied after having obtained it.
X. Secretariat for Anti-Corruption and Good Governance. The competent authority for the protection of personal data is the Secretariat of Anti-Corruption and Good Governance. If the data subject believes their rights in this matter are being violated, they may contact this Secretariat to request information and receive appropriate support.
XI. Consent.
By using electronic means and/or contracting the services we offer, you acknowledge and tacitly accept this Privacy Notice. This does not prevent SIEMENS SOFOM from implementing mechanisms to obtain your express written consent regarding the processing of your Personal Data, in accordance with the purposes established herein.
If the Data Subject does not consent to the use, purposes and transfer of their personal data, they may express this by sending an email to daniela.sanchez-rello@siemens.com or by calling 56 41 73 84 65 from Monday to Friday from 9:00 a.m. to 6:00 p.m. on business days.
LAST UPDATE: February 2026