Privacy Policy

HelloGuru Inc.

Date of publication: Jul 24-2022

Effective Date: Jul 24-2022

Presentation

HelloGuru Inc. is a corporation with its principal place of business in the city of Wilmington and both created and governed by the laws of the State of Delaware and the United States of America. HelloGuru its a digital services platform wholly owned by HelloGuru Inc.
Introduction

In accordance with the provisions of different countries and different legislations on the protection of personal data and privacy policies, hereinafter the General System for the Protection of Personal Data, HelloGuru Inc. hereby adopts its Personal Data Protection and Privacy Policy. As part of its commitment to the rights of all its users, especially the right to know, update, rectify, delete or dispute the information that has been collected and stored in our information systems, this Privacy Policy that will be of force and unappealable application by, HelloGuru Inc. in all its processes, products and operations involving the processing of personal data. Likewise, this document presents to our users, as legal holders of the stored personal data, the service channels and the tools available to guarantee the free and effective exercise of the rights listed above, as well as the adequate compliance with the provisions of the General System for the Protection of Personal Data.

This Policy, despite the fact that data protection laws vary according to countries and legislations and where some provide higher levels of protection than others, will always prefer, provide and be interpreted in the way of providing the highest possible level of guarantee for the Owner and his personal data, regardless of the place where it is collected, process or store your information.
Definitions
1. User: Any natural or natural person who has registered personal data on the platforms of HelloGuru Inc. and enjoys their services.
2. Personal data: Any information linked or that can be associated with one or more specific or determinable natural persons.
3. Sensitive personal data: Information of the intimate sphere of the person whose improper use may generate discrimination.
4. Authorization: Prior, express, and informed consent of the Owner to carry out the Processing of personal data.
5. Database: Organized set of personal data subject to Treatment.
6. Processing: Any operation or set of operations on personal data, such as collection, storage, organization, categorization, use, circulation, or suppression.
7. Person in charge of the Treatment: Natural or legal person, public or private, that by itself or in association with others, carries out the Processing of personal data on behalf of the Responsible for the Treatment.
8. Responsible for the Treatment: Natural or legal person, public or private, that by itself or in association with others, decides on the database and / or the Treatment of the data.
9. Owner or holder of personal data: Natural person whose data are subject to treatment. In the context of this policy are the users, or those natural or natural persons who subscribe to the HelloGuru Inc. platforms to take their services.
10. Cookie: it is a file that is downloaded to the user's computer equipment when accessing certain web pages to store and retrieve information about the navigation that is carried out from that computer.
11. Web Beacom: is a semi-transparent graphic image that is placed on a website and is used to retrieve information about the navigation and behavior of the user who visits the site. It is often used in combination with cookies.
Guiding principles for the processing of personal data

In accordance with the provisions of the General System for the Protection of Personal Data, the interpretation and application of this policy HelloGuru Inc. in all its processes and operations involving the processing of personal data will apply, in a harmonious and comprehensive manner, the following principles:
1. Principle of legality**:** The Treatment referred to in this policy is a regulated activity that must be inexcusably subject to the provisions of the General System for the Protection of Personal Data and all the legislation applicable to the matter.
2. Principle of purpose: The Treatment must obey a legitimate purpose in accordance with the Law, which must be informed to the Owner.
3. Principle of freedom: The Treatment can only be exercised with the prior, express and informed consent of the Owner. Personal Data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial order that relieves consent.
4. Principle of veracity: The information subject to Treatment must be truthful, complete, accurate, updated, verifiable and understandable. The processing of partial, incomplete, or misleading data is prohibited.
5. Principle of transparency: In the Treatment, the right of the Holder to obtain from the Responsible for the Treatment or the Person in Charge of the Treatment, at any time and without restrictions, information about the existence of data that belong to him must be guaranteed.
6. Principle of access and restricted circulation: The Treatment is subject to the limits that derive from the nature of the personal data and the provisions of the General System for the Protection of Personal Data. In this sense, the Treatment may only be done by persons authorized by the Owner and / or by the persons provided for in this Policy. Personal data may not be available on the Internet or means of distribution or communication, unless access is technically controllable to provide restricted knowledge only to the Holders or third parties authorized by the same Holders.
7. Principle of security: The information subject to Treatment by the Responsible for the Treatment or Person in Charge of the Treatment referred to in this Policy, must be handled with the technical, human and administrative measures that are necessary to grant reasonable security to the records avoiding their adulteration, loss, consultation, use or unauthorized or fraudulent access.
8. Principle of confidentiality: All persons, areas, dependencies or agents of HelloGuru Inc. that intervene in the Processing of personal data are obliged to guarantee the privacy of the information, even after the end of their relationship with la Company and the Treatment, being able to only treat or transfer personal data when its linked to the development of the activities authorized by HelloGuru Inc. and in the terms and with the scope determined by this Policy.
Rights of the holders

The Owner or Holder of the personal data will have the following rights:
1. To know, update, rectify, delete, or dispute your personal data over the Data Controllers or Treatment Managers.
2. To be informed by the Data Controller or the Data Processor, upon request, regarding the use you have given to your personal data, as well as the modifications and updates of this personal Private Policy.
3. To Request proof of the authorization granted to the Responsible for the Treatment except when it is expressly excepted as a requirement for the Treatment, in accordance with the provisions of the General System for the Protection of Personal Data.
4. To Revoke the authorization and / or request the deletion of the data when the Treatment does not respect the principles, rights and legal guarantees established by the General System for the Protection of Personal Data or this Private Policy.
5. To submit to the administrative authorities of any level complaints for violations of the provisions of the General System for the Protection of Personal Data.
Without prejudice to the provisions of the General System for the Protection of Personal Data; the exercise of the above rights will be unrestricted and unlimited, also free when the supports are issued in digital format, when the Owner requests physical supports the costs of the copies and postal mail will be borne by him.
General channel for the exercise of the rights of the owner

To exercise the rights described in the previous section, a written request from the Owner must be send to the email [email protected] referring to the object of the request, identification of the Owner, user, and registered email. Once the petition has been filed, it must be resolved in the terms of the law and notified by the same means that it was filed.
Data Controllers

The person responsible for the processing of the personal data of the users will be HelloGuru Inc. commercial company, with main domicile in the city of Wilmington and the state of Delaware in the United States of America, constituted by the certificate of incorporation number SR 20196343542 and folio number 7547772 of the eighth (8) of May of two thousand ten and nine (2019). For more information or requests related to the processing of personal data, the email [email protected] is enabled.
Data collected that may be processed

All data provided by the users of HelloGuru Inc. are subject to processing, such as those provided during the creation of accounts, subscription of services, training processes in the use of HelloGuru Inc. platforms that include: full names, identification number, email, telephone number, postal address, gender, age, date of birth, economic sector, and operational needs.

All data provided and created during the use of the platforms of HelloGuru Inc. and its services, such as device details or IP information, location and use of the app and/or the website, interactions with the website, source of access to the website, are also subject to processing, location and geolocation, payment and billing information.

Likewise, data related to the user's activity on the HelloGuru Inc. platforms such as:
1. The terms and criteria for searching, acquiring or usage of Services provided by the Platforms.
2. Activity, visits and interactions with content and Services provided by HelloGuru.
3. Activity, visits and interactions with third-party websites and services that advertise or promote their services on our platforms.
When data of a sensitive nature are collected, this will be treated in accordance with the General System for the Protection of Personal Data and other applicable legislation and in any case these types of data will only be shared within the limits, with the purposes and under the purposes expressly authorized by the Owner, guaranteed the greatest possible legal protection for his privacy.
Purposes of the processing of personal data and their scope

The collection, storage, processing and circulation of the personal data of users registered on the platforms of HelloGuru Inc. has the primary objective of informing, illustrating and properly documenting the activity and commercial purpose of the Company, the due and effective provision of the services and functionalities of HelloGuru, as well as the operations and services offered and / or contracted so that they are provided in the best way and with the highest quality. This includes the following purposes:
1. Track the user and their experience, in order to provide the appropriate services and products to meet their specific needs, personalize the service, the content of the web pages and applications and establish fluid communication with the Owner based on their preferences.
2. Conduct under the best quality standards the commercial relationship between HelloGuru Inc. and the Holder according to their particular needs and personal expectations. Including the user account management and billing process.
3. Prepare a historical and / or statistical record of the information of the usage of the Services that allows the registered user a personalized and effective management of the Subscribed Services and operational or commercial needs.
4. Carry out the commercial and operative profiling of the registered user, including prospecting and/or satisfaction surveys, to offer the services that are most attractive or best adjusted to their needs.
5. to offer our catalog of services to our registered users. This includes sending communications about services, features, studies, surveys, news, and updates.
6. Exchange of personal data of the registered user with our service providers to keep the Services of HelloGuru operational and functional for de Owner.
7. Develop internal company processes for the development and enrichment of internal operations and systems. As well as the administrative management of requests, complaints or claims, and user support.
8. General administrative uses that include reports and requirements of administrative or judicial authorities, accounting, fiscal and administrative management, including the legal responsibility to keep books and commercial records stored for the period established by applicable law.
9. Maintain and improve our services or develop new ones, as well as to measure and control its performance.
National or international transmission of personal data

HelloGuru Inc. does not trade directly with the personal data of users without their express authorization and accurately identifying the destination of the data and the purpose that the acquirer intends to give.

However, the products and services provided by HelloGuru require the exchange of personal data of the user with different agents, services providers and business partners and may be shared in the following cases:
1. With the entity in charge of the Processing of the data to process them for us, according to our instructions and in accordance with this Privacy Policy.
2. With suppliers or business partners in the financial sector HelloGuru Inc. as payment processors and facilitators, and only for the purposes of confirming bank transfers, invoicing and payment for contractual services and obligations. This information may contain banking and credit information of the Holder such as bank product numbers, full names, identification number, email, telephone number, postal address, gender, age, date of birth.
3. On mergers, divisions, or corporate acquisitions in which HelloGuru Inc. participates. In this case, the confidentiality of the Holder's personal data will always be maintained and ensured, and their prior and express authorization will be required before the personal data is transferred.
4. With consultants, marketing partners, market research companies and other service providers or business partners. These include: Cloud storage providers, marketing partners and marketing platform providers, data analytics providers, publishers, developers, consultants, lawyers, accountants, and other professional service providers.
We will also share users' personal data at the express request of administrative or judicial authorities and when necessary to comply with laws and government regulations of applicable laws.

In any case, it will always ensure compliance with the requirements of the General System for the Protection of Personal Data and the technical and administrative protection measures by the Data Processor and especially for data of a sensitive nature.
Tracking, Traffic and Behavior Technologies

In order to allow the services of the HelloGuru Inc. platforms to function normally and create new functions, facilitate the legitimate flow of information and allow validations for access to the different functionalities of the platforms, we use digital tools for automatic data collection, including cookies and web beacons.

These tracking tools can be deactivated at any time through the configuration menu of the browser used by the Owner, but when deactivating these tools you may not be able to access or enjoy some functionalities of the platforms. The procedure to deactivate is different depending on the browser used by the Owner and below we relate the procedures of the most common browsers for your knowledge, this information must be reproduced in the different legal documents of all HelloGuru Inc. platforms. :
Authorization and consent of the holder

All users who register to the platforms of HelloGuru Inc. must authorize the processing of personal data in the terms of this Privacy Policy in order to use of their services, to that extent at the time of registration and in other stages, when its required and necessary, a dialog, box, legal disclamer, or button must be found under the title [Policy and Privacy Policy] its must be read and accepted in order to access thedifferent ranges of services of HelloGuru.

In development of the principle of freedom within the framework of operations within the HelloGuru platform, the user should be strongly urged to consult this Policy and be told that, if he considers, suspects or discovers that using the platform puts his personal data at risk, he must withdraw from registration, not to use, suspend or stop using its services.
Retention and deletion of personal data

The profile, transactions and other personal data of the users listed in this Policy are kept for as long as their account is in force on the platforms of HelloGuru Inc.

As well as the Owner, at any time may close his account and in development of the rights granted by this Policy and the General System for the Protection of Personal Data, he may request to delete his personal data from the platforms and their information systems. However, certain information necessary to comply with legal obligations or administrative regulations of the applicable legislation may be kept.
Security and non-disclosure

All of HelloGuru's administrative, corporate, and operational processes have a strong focus on information security, and HelloGuru Inc. applies a robust internal security policy that includes multiple internal measures and processes that seek to ensure the integrity, security, and privacy of our Customers data and information (The Resources), as described below:
1. By default, all modules, objects or data stores and information (The Resources) of our Customers must be and configured in Private mode and only the Customer’s and its collaborators must have access to them, HelloGuru will inform the Customer’s if any or some features of the Service, functionalities or services of third parties require that modules, objects or data stores are Publicly Accessible.
2. The modules, objects or data stores and the information (The Resources) of our Customer’s s configured in Public Access mode will apply the same internal security policies that HelloGuru applies for Private configurations.
3. The architecture of the Services may imply that backups, copies or replication of the data and information (The Resources) of our Customer’s s are made, all modules, objects or data warehouses that contain such backups will be and configured in Private mode and only the Customer’s and its collaborators must have access to them.
4. All data and information (The Resources) of our Customer’s s that transits, is deposited or stored within the HelloGuru service architecture will not be accessed, consulted or viewed in detail in any way by any worker or collaborator of HelloGuru Inc. unless it's requested, authorized and necessary, that is, without prior and express request and authorization from the Costumer, solely for the purpose of providing service support and only as a last resort in the event that the Customer's collaborators have been unable to resolve a problem with the Services.
5. Only the leaders of the technological and data area and no other worker or collaborator of HelloGuru Inc. will have the credentials to access the data and information (The Resources) of our Customers for support purposes in the terms of numeral 4. In case of being requested, authorized and necessary support access, is up to the area leaders to manage access with minimum privileges, monitor it and ensure due compliance with HelloGuru's information security policy.
6. In the event that HelloGuru accesses the data and information (The Resources) of our Customers for support purposes in the terms of numeral 4, the leaders of the technological and data area must generate an activity report that details (i) the way in which the Customer's made the request and provided their prior authorization (ii) name of the collaborator, time, date, place, IP and the requested access (iii) the modules, objects or warehouses accessed and (iv) activities carried out, said report must be available to the Customer’s .
7. In the development of HelloGuru's information security policy, all HelloGuru Inc. employees or collaborators must enter into a Confidentiality Agreement that prohibits the disclosure, publication, dissemination, copying, offering or making available to third parties, in whole or in part, data and information (The Resources) of our Customers, this includes the access of support requested, authorized and necessary for the proper provision of the services.
8. In the development of HelloGuru's information security policy, all workers or collaborators of HelloGuru Inc. must use strong passwords and two-factor authentication, as well as take all reasonable security precautions in the management and development of their activities within the Company always seeking to guarantee integrity, security and privacy of data and information (The Resources) of our Customers.
9. In development of HelloGuru's information security policy, all workers, or collaborators of HelloGuru Inc. may only use computer equipment and Internet Protocols (IP) registered and authorized by the Company, which will also establish mechanisms to monitor and authenticate the computer equipment and Internet Protocols (IP) used by its collaborators.
  
  The HelloGuru Platform uses secure servers in secure facilities in the US that have multiple security measures and constant monitoring to prevent unauthorized access and the detection of digital threats that seek to affect the integrity of data.
  
  However, since HelloGuru has taken and will take all reasonable security measures to protect the Customer's information while is using the Services, the Customer agreed to:
  - Maintain strict confidentiality of the Usernames and Passwords provided by the Hello Guru platforms, which should only be used by persons expressly authorized by the Customer.
  - Instruct each authorized person to whom the Customer provides a Username and Password that they must not disclose it to any unauthorized person and must take all reasonable security measures so that no unauthorized person has access to it.
  - Use or establish Usernames and Passwords that are reasonably secure and complex enough to avoid being easily deduced by unauthorized persons and to change them every 6 months.
  - Take immediate action if you believe that your Username and Password have been compromised and may have been accessed by an unauthorized person; changing Username and Password, suspending the use of the Services and notifying us of the compromise of your access information immediately.
  - The Customer will be responsible for the use that he gives to the Services and the integrity, security and privacy of his information when he gives or allows access to his Username and Password to an unauthorized person, for all purposes this person will be considered an authorized person even if it engages an unsolicited transaction or uses the Services in ways prohibited by these Terms of Service.
  It is the Customer responsibility to assess and calculate the security risks to their operations before subscribing to and using the Services. If you consider, suspect, or discover that using the HelloGuru platform may cause you any type of damage, puts at risk in any way your rights, legal assets or legal attributions or patrimonial values it is your responsibility not to use, suspend or stop using its Services.
  
  By subscribing to some additional services, it is possible that other allied companies or technology providers may have access to the HelloGuru databases, but they will only do so for the exclusive purpose of supporting the provision of the Service and keeping it operational and under the strict terms of a service and confidentiality agreement between HelloGuru and our allied companies or technology providers that you can see here:
  
  https://d1.awsstatic.com/legal/aws-customer-agreement/AWS_Customer_Agreement_Spanish_Translation.pdf
Validity and update

This Privacy Policy has been updated to Jul 24-2022 and applies from that same date.