TEC360, S.A.P.I DE C.V. (hereinafter, the "Responsible"), domiciled at Avenida Paseo de la Reforma 195 16th floor, Colonia Cuauhtémoc, Alcaldía Cuauhtémoc, CP 06500, Mexico City, Mexico; informs that based on the provisions of Articles 15 and 16 of the Federal Law on Protection of Personal Data in Possession of Individuals, is responsible for collecting personal data ("Data") from the Data Subject/You ("The Data Subject" or "You"), the use given to the Data as well as its protection.

Our Privacy Notice is designed to help you understand how we collect and use the personal information ("Personal Information") you provide to us and to help you make informed decisions when using our website and services.

Information gathering

When you visit our Web Site, we may collect information about your visit from your computer. That information helps us determine how you arrived at our Web Site, the date you visited our Web Site and the search engines that may have taken you to our Web Site. We collect this information to continually improve and enhance our functionality.

The information you provide to us is categorized into two general types (user-provided information and Web Site usage information), both of which are described in more detail below.

Personal Information you choose to provide to us

In order to make your visits to the Web Site as enjoyable as possible, we may ask you for Personal Information. Personal Information includes, for example, your name and e-mail address, two pieces of information that we may ask for when you register with Cornerstone. A description of some of the methods by which you may provide information to us, as well as more details about how we may use that Personal Information, is provided below.

How we use your information

The purpose of the processing of the data provided to the Data Controller will be evaluation, analysis, use, handling, exploitation, cautious transfer, proper disposal, responsible disclosure, storage by any means as well as any access action.

In relation to the collection and processing of such information the Responsible undertakes and undertakes to observe and comply with the principles of legality, consent, information, quality, purpose, loyalty, proportionality and responsibility. That is, all the Data that we request from you are collected in a lawful manner, with your consent, collecting only and exclusively the relevant, correct, updated and necessary data to provide you with a quality service.

The Responsible's database, where the Data is stored, can only be operated by the Responsible's personnel, whose functions are regulated by the internal policies of the same. Likewise, the Data Controller has implemented security measures to protect the Data Subject's personal data against any damage, loss, alteration, destruction or unauthorized use, access or processing.

Likewise, we inform you that we use the personal information you provide us only to provide you with the products and services you request, as well as to inform you about our new products and promotions. In general, we share your information only with our affiliates or subsidiaries.

Mechanisms and procedures so that, if applicable, the holder may revoke his/her consent to the processing of his/her personal data.

We remind you that, regarding the Protection of Personal Data in Possession of Individuals, you may exercise the following rights ("Arco Rights"):

- Access: You may request access to your personal data by following the procedure described below.

- Rectification: You may ask us to correct any of your Data, in case we have registered any of them erroneously or there is any change in them.

- Cancellation: You may request that we cancel or delete your Data as long as there is a cause that justifies such action.

- Opposition: Oppose the processing of your Data.

In accordance with the provisions of Article 29 of the Federal Law for the Protection of Personal Data in Possession of Individuals, the aforementioned rights may be asserted personally or through your legal representative, through the following procedure:

You must submit a duly completed letter, which must be presented in duplicate at the address specified in this privacy notice, between the hours of 10:00 a.m. and 2:30 p.m. and must attach the following documents and data:

Copy of the Holder's official identification (e.g. Voter's Credential, Passport or Professional License). In the event that the legal representative is the one exercising his/her rights, he/she must also attach a document that proves such character, as well as a copy of his/her official identification.

A precise description of your Data and what you want to be done with such data, such as access, rectification, cancellation or opposition, as the case may be. In the case of rectification, you must attach the documents supporting the rectification.

You may attach any other data or document that facilitates the location of the data to be processed, such as a copy of the Holder's folio.

Finally, it must contain the autograph signature of the holder or legal representative of the same.

Once the procedure described above has been exhausted, the Controller will communicate to the Data Subject, within a period not exceeding 20 (twenty) calendar days, counted from the date on which the request is submitted, the response and treatment that has been given to the request. The foregoing, to the effect that, if the request is admissible, it will be executed within 15 (fifteen) calendar days following the date on which the response is communicated. In the case of requests for access to personal data, the delivery will be made upon proof of the identity of the applicant or legal representative, as the case may be.

In the case of the Holders who have their domicile outside the circumscription of the domicile indicated in this notice, it may be presented by certified mail, taking as the date of presentation the day on which it arrives at the domicile indicated in this document.

Contact data/feedback

If you send us an e-mail through a link in the "Contact Us" section of our Web Site, we may ask you for information, such as your name and e-mail address, so that we can respond to your questions and comments. If you choose to write to us by e-mail, we may retain the content of your e-mail messages, your e-mail address and the response we have sent to you. In certain cases, and with your consent, we may post content from e-mails you have sent to us on the Web Site.

Questionnaires and surveys

From time to time we may ask visitors to our Web Site to complete online questionnaires and opinion surveys about their activities, attitudes and interests. These surveys help us provide you with better service and improve the usefulness of Cornerstone. In asking you to participate in these surveys, we may ask you to provide us with your name and e-mail address.

Bulletin boards

Our Web Site may offer its users the opportunity to use bulletin boards, blogs and chat rooms to engage in conversations with other users. If you choose to use these features, you should be aware that any personal information you provide through these features may be read, collected or used by other visitors to these forums and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.

Information on the use of the Web Site

When you visit Cornerstone, we may use cookies on or in connection with our Web Site to retain information about you. A cookie is a tiny text document that a

often includes an anonymous unique identifier and additional information necessary to use the intended functionality of the site.

When you visit our Web Site, it will send a session cookie to your browser if your browser preferences allow it. However, (to protect your privacy) your browser only allows our Web Site to access cookies that our Web Site has sent to you, and not those sent by other Web sites. Except as otherwise specified herein, all of our cookies are necessary for the provision of our services.

Most web browsers can be set to notify you when you are sent a cookie and to allow you to refuse it. You can request information on how to disable cookies from your browser and delete all cookies currently stored on your computer at the following link.

In some cases, rejecting a cookie may mean that you may not be able to use a feature or certain features of our Web Site. It may also adversely affect the display and operation of the Website or certain parts or features of the Website.

Transparent GIFs

When you visit us, we may also use "clear GIFs" (also called "web beacons" or "pixel tags") or similar technologies on our Web Site and/or in our communications with you. In general, a clear GIF is a pixel-sized transparent image placed on a web page, in an e-mail or other message that helps us verify that a person has viewed or received a web page or message. Clear GIFs allow us to know whether you have viewed a web page before visiting our Web Site and may allow us to relate that information to other information, including your personal information. We use the information provided by clear GIFs to generate more accurate reports, improve the effectiveness of our marketing campaigns and improve for our users.

IP address and clickstream data

When you visit us, our servers automatically collect data about your IP address. When you request pages from our Web Site, our servers may

log your IP address and sometimes your domain name. In addition, our servers may log the referring page that sent you to us (for example, another website or a search engine); the pages you visit on this Website; the website you visit after this Website; other information about the type of web browser, computer, platform, related software and settings you use; the search terms you entered on this Website or on a referring website; and other activity and other website usage data that our web servers have logged. We use this information for internal administration of our systems, to diagnose problems with our servers and to administer our Web Site. Such information may also be used to gather broad demographic information, such as country of origin and Internet service provider. Personal Information (including IP addresses) is not used to facilitate contact with users who have not provided their contact information. Your IP address may be used to identify the series of clicks that led you to our Web Site. However, Personal Information is not shared with any outside marketing company.

Participation and non-participation rights

You have the right to "opt-in" and/or "opt-out" of the various uses we make of your Personal Information. For example, you may be able to choose whether you wish to receive correspondence from us and/or other service providers. Your Personal Information will not be shared with other service providers unless you authorize it. You may opt-out of receiving promotional emails from TEC360 by clicking on the "opt-out" or "unsubscribe" link included in the emails you receive.

Please note that even if you opt out of receiving promotional correspondence from us, we may still contact you regarding your relationship, activities, transactions and communications with us.

Use, Disclosure and Sharing of Personal Information Service Providers

We may use third parties to help us operate and maintain our Web Site and to provide our products and services. We may also share your information

with our service providers and other third parties ("Affiliated Parties") that provide products or services for or through this Web Site or to us (such as web site or database hosting companies, address list hosting companies, communications providers, e-mail service providers, analytics companies, distribution companies, supply companies, credit card processing companies, and other similar service providers that use such information on our behalf).

Third-party service providers are contractually prevented from using or disclosing the information except as necessary to perform services on our behalf or to comply with legal requirements.

Aggregate statistics

We may disseminate non-personal aggregate statistics regarding user behavior to measure interest in and use of our Web Site, as well as e-mails to third parties in the form of aggregate data, such as general patterns or demographic reports that do not describe or identify individual users. Information related to aggregate statistics will be collected through the use of third party cookies and other external tracking devices.

Disclosures required by law

We may disclose your Personal Information if required to do so by law or court order or if we believe it is necessary (a) to comply with the Law, a court order or a decree or to comply with legal process served on us or our Affiliated Parties; (b) to protect and defend our rights and property, the Web Site, users of the Web Site and/or our Affiliated Parties; or (c) to act as circumstances require to protect the safety of users of our Web Site, ourselves or others.

Third party websites

From this Website you may be able to visit or link to other websites, including other websites operated by us or by unaffiliated third parties. These websites may collect Personal Information about you and (because this Privacy Notice does not contain a link to other websites) may also collect Personal Information about you.

covers the information practices of those other websites) you should read the privacy policies/notices of those other websites to find out how they treat your Personal Information.

Privacy of minors

This Web Site is not directed to children under the age of thirteen. We do not knowingly collect Personal Information from children under the age of thirteen on our Web Site. If we learn that we have inadvertently received Personal Information from a visitor under the age of thirteen on our Web Site, we will delete the information from our records.

Security

We use industry-standard and commercially reasonable physical, managerial and technical security measures to protect the integrity and security of your Personal Information. We also employ Secure Sockets Layer (SSL) encryption when transmitting sensitive information. While we strive to protect the security and integrity of sensitive Personal Information provided to this Web Site, given the inherent nature of the Internet as an open global communication vehicle, we cannot guarantee the security of information during its transmission over the Internet or during its storage on our systems or otherwise in our care from intrusion by third parties, such as hackers.

If you contact us by e-mail or a "Contact Us" or similar feature of the Web Site, you should be aware that your transmission may not be secure. An unaffiliated third party may be able to view the information you submit by these methods while it is in transit. We assume no responsibility for the dissemination of your information resulting from errors or unauthorized actions of third parties during or after transmission.

In the unlikely event that we believe that the security of your Personal Information in our possession or under our control has been compromised, we will notify you. If such notification is appropriate, we will do so as soon as possible in the relevant circumstances, and (provided that we have your e-mail address) we will notify you as soon as possible.

e-mail) via e-mail. You authorize us to use e-mail as a means of notification.

Updates to our Privacy Notice

This Privacy Notice may be changed or updated from time to time to reflect changes in the law, our data collection and use practices, features of the Services, or advances in technology. You should review the Privacy Notice regularly to see if it has changed since you last consulted it. To do so, you can check the "effective date" at the beginning of the document. If you continue to use the Services, you confirm that you have read and understand the latest version of the Privacy Policy. If we make material changes to the Policy, we will notify you via a pop-up notice on the page, or by other means, to provide you with an opportunity to review the changes before they become effective, in accordance with applicable legal requirements.