Effective Date: May 7th, 2025

GLOBAL PRIVACY POLICY

 

  1. INTRODUCTION AND SCOPE

ATISoft Technologies, LLC («ATISoft», «we», «us», «our»), legally domiciled in the State of Texas, United States, is committed to protecting your privacy and personal data.

This Privacy Policy describes how we collect, use, store, and protect the personal information of our clients, prospects, and website visitors across our global operations, including the United States, Central America, and the Caribbean. 

This Privacy Policy applies solely to ATISoft Technologies, LLC acting as a Data Controller for our website visitors, business contacts, and marketing leads. Any data that you upload, process, or manage specifically through our software solutions or technical platforms during the execution of a service contract is governed by the specific Master Service Agreement (MSA) and Data Processing Addendum (DPA) signed between the parties, where ATISoft acts solely as a Data Processor. 

  1. INFORMATION WE COLLECT

Depending on your interaction with us (website usage, requests for quotations, contracted services), we may collect the following categories of data:

  • Identification Data: Full name, job title, signature.
  • Corporate Contact Data: Professional email address, phone number, company address.
  • Technical and Navigation Data: IP address, browser type, cookies, and website usage data.

 Children’s Privacy: Our services are directed exclusively toward companies and professionals. We do not knowingly collect data from individuals under the age of 18.

Important Note: ATISoft Technologies, LLC does not proactively collect sensitive personal data (such as racial origin, health data, biometrics, etc.) for the provision of its B2B services. 

  1. PURPOSE OF PROCESSING

We use your data exclusively to:

  1. Primary Purposes (Necessary):
    1. Processing of requests for quotations and contracts
    2. Provision of technological and consulting services
    3. Fiscal and legal compliance
    4. Infrastructure security
  2. Secondary Purposes (Optional):
    1. Sending newsletters, event invitations, and marketing.
    2. Refusal Mechanism: If you do not wish for your data to be processed for Secondary Purposes, you may indicate this at the time of data collection or send an immediate email to privacy@atisoft.us with the subject ‘Refusal for Secondary Purposes.’ Refusal to use your personal data for these purposes will not be a reason for us to deny you the contracted services.
  3. Share with Management Platforms, Providers, and Affiliates: For comprehensive operational management and the provision of specialized technical services, ATISoft Technologies, LLC may share and process Identification and Contact Data (including full name, job title, corporate email, phone number, and company address), as well as Commercial Information (such as billing details, contract signatures, and RFQ/RFP requests). Such information may be hosted and managed on our operational and commercial management platforms (including CRM, ERP, and Billing systems, and cloud infrastructure providers such as Microsoft Azure, Amazon Web Services, etc.) and shared with Service Providers and Affiliates, specifically designating our operational provider, ATISoft S.A. de C.V., located in Mexico, for technical execution. All such transfers are conducted under strict confidentiality agreements and Data Processing Agreements (DPAs) that guarantee the same level of security and compliance described in this policy. 
  1. SECTION A: UNITED STATES RESIDENTS (TEXAS & US FEDERAL)

This section applies if you reside in the State of Texas or any other jurisdiction within the United States.

Compliance with the TDPSA (Texas Data Privacy and Security Act): ATISoft acts as a «Controller» of your personal data. Pursuant to Texas law, you have the right to:

  • Confirm whether we are processing your personal data and access such data.
  • Correct inaccuracies in your personal data.
  • Request the deletion of your personal data.
  • Obtain a copy of the personal data you explicitly provided to us, in a portable and, to the extent technically feasible, readily usable format (such as .csv or .json) that allows you to transmit the data to another controller without hindrance.
  • Opt-out of the processing of data for purposes of targeted advertising or the sale of data.
  • Right to Appeal: If we decline to take action regarding your request, you have the right to appeal our decision. We will provide you with a written explanation of the reasons for our decision and instructions on how to submit an appeal. 

No Sale of Data and Targeted Advertising: ATISoft Technologies LLC does not sell your personal information for monetary profit. However, under the definitions of the TDPSA and other applicable U.S. laws, the use of certain third-party tracking technologies (cookies/pixels) for analytics and targeted advertising may be considered a ‘Sale’ or ‘Sharing’ of data for cross-context behavioral advertising. We engage in such processing solely to provide you with relevant content regarding our specialized services. You have the right to Opt-out of this specific processing at any time by clicking the ‘Do Not Sell or Share My Personal Information’ link in our footer or adjusting your browser’s Global Privacy Control (GPC) signals. 

  1. SECTION B: LATIN AMERICA AND CARIBBEAN RESIDENTS

This section applies if you are located in Mexico, Central America, the Caribbean, or any jurisdiction with data protection laws inspired by the ARCO rights model or GDPR. 

International Data Transfer: By interacting with ATISoft Technologies, LLC, you acknowledge and accept that your data may be transferred to and processed in the United States, Mexico, and on platforms for operational and commercial management (including CRM, ERP, and Billing systems, and cloud infrastructure providers such as Microsoft Azure, Amazon Web Services, etc.) and shared with Service Providers and Affiliates. We guarantee that such transfers are carried out under appropriate security measures. 

Explicit Consent: By providing your data and accepting this Policy, you explicitly consent to the transfer of your information to our affiliates and service providers, specifically ATISoft S.A. de C.V., for the strict purpose of service quotation, execution and operational management. The transfer of operational data to our technical hub, ATISoft S.A. de C.V. in Mexico, is a necessary requirement for the execution of the contracted specialized technical services. By engaging our services or requesting a formal quotation, you explicitly consent to this cross-border transfer. Please note that objecting to this specific transfer may render ATISoft Technologies, LLC unable to fulfill the contractual service obligations due to our operational structure. 

In the event of a conflict between this Policy and the local data protection laws of your specific jurisdiction, the specific provisions of the local regulation that grant greater protection to the data subject shall prevail. 

In addition to your ARCO rights, you may limit the use or disclosure of your personal data for secondary purposes (marketing) by requesting your enrollment in our internal ‘Exclusion List for Marketing Communications’ (Listado de Exclusión). To do so, please send an email to privacy@atisoft.us

Your Rights (ARCO Rights): You have the right to exercise the following actions regarding your data:

  • Access: Know what data we hold about you and what we use it for.
  • Rectification: Request the correction of your information if it is outdated or incorrect.
  • Cancellation: Request the deletion of your data from our records when it is no longer necessary for the legal contractual relationship.
  • Opposition: Oppose the use of your data for specific purposes (e.g., marketing newsletters).
  • You may revoke the consent specifically granted for the processing of your data at any time, without retroactive effect, specifically regarding the transfer of data or secondary purposes. 
  1. INFORMATION SECURITY

We implement technical, administrative, and physical security measures aligned with industry standards to protect your information against unauthorized access, alteration, disclosure, or destruction. 

We will retain your personal data only for as long as the commercial relationship remains active. Upon termination of the contract or service:

  1. For Clients (Contractual & Fiscal Data): Information required for tax and legal compliance will be retained for a strictly limited period of 5 years following the end of the fiscal year, to satisfy the statute of limitations in Texas and Mexico. After this period, data will be securely deleted or anonymized.
  2. For Prospects & Marketing Data: Personal data of non-client prospects or inactive contacts will be automatically deleted after 2 years of inactivity, unless you request deletion sooner via our Opt-out mechanisms. 

In the unfortunate event of a security breach that compromises the confidentiality, integrity, or availability of your personal data and poses a significant risk to your rights, ATISoft will notify you and the competent authorities within the timelines required by applicable law. 

  1. CHANGES TO THIS POLICY

We reserve the right to update this policy at any time to reflect changes in our specialized services or legal requirements. Material changes will be notified through a visible notice on our website or via email to active clients prior to the change becoming effective. The date at the top of this policy indicates the latest revision. 

  1. EXERCISE OF RIGHTS AND CONTACT

To exercise any of your rights (whether under Texas laws or international regulations), manage your cookie preferences, appeal a decision, or if you have questions about this policy, please contact our Privacy Officer:

  • Email: privacy@atisoft.us
  • Postal Address: 2001 Timberloch Pl. 500, The Woodlands, Texas, 77380, USA.
  • Subject: Privacy Request – [Your Country] 

ATISoft Technologies, LLC will respond to your request within the strict legal timeframes established by the regulations applicable to your location. For residents of Texas and the U.S., the response timeframe is up to 45 days. For residents of Mexico and jurisdictions with similar laws, the determination will be communicated within a maximum of 20 business days, with the measure becoming effective within the 15 business days following the notification of validity.