Personal Data Protection

In compliance with article 250 of the General Guidelines to prove compliance with its obligations regarding the protection of personal data, the Administration of the Altamira National Port System S.A de C.V. informs you about the processing of your personal data in its possession.
Comprehensive Privacy Notices
Contact details of the Transparency Unit and, where applicable, the Personal Data Protection Officer
Relevant Information Regarding Personal Data Protection
Format Virtual section “Protection of personal data”
Format Virtual section “Protection of personal data”
N.
Criterion
Verification means
1. Hyperlink to the section called “Personal Data Protection” published on the internet portal of the obligated subject on the home page https://www.puertoaltamira.com.mx/proteccion-de-datos-personales/
2. Hyperlink to section “1. Comprehensive privacy notices” published within the “Personal Data Protection” section https://www.puertoaltamira.com.mx/aviso-de-privacidad-integral/
3. Hyperlink to section “2. Contact information for the Transparency Unit and, where applicable, the Personal Data Protection Officer” published in the “Personal Data Protection” section. https://www.puertoaltamira.com.mx/datos-de-contacto-de-la-unidad-de-transparencia/
4. Hyperlink to section “3. Relevant information regarding the protection of personal data” published in the section “Protection of Personal Data” https://www.puertoaltamira.com.mx/proteccion-de-datos-personales/
Section 1: Principles
Section 1: Principles
Variable and format 1.1 Comprehensive Privacy Notice
Fiscal year (year) for which the information is presented (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Hyperlink to the document containing the information related to the comprehensive privacy notice or notices:

a) Name of the processing of personal data carried out by the obligated subject (including the processing of data of its personnel)

b) Type of medium by which the privacy notice is disseminated (Physical / Electronic / Physical and Electronic / Optical / Sound / Visual / Other technology)

c) Physical place in which the owner can review the privacy notice

d) Hyperlink to the privacy notice published on the website of the person responsible

 https://puertoaltamira.com.mx/upl/sec/Informacion_relativa_al_aviso_o_avisos_de_privacidad_integrales.pdf
Variable and format 1.2 Mechanisms to accredit compliance with principles, duties and obligations of the General Law and other applicable provisions
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Official letter or instrument through which the allocation of resources for the implementation of personal data protection programs and policies is authorized. In the process of updating
2. Hyperlink to the personal data protection program or policy https://puertoaltamira.com.mx/upl/sec/PCTAIPDP_2023_ASIPONA_ALTAMIRA.pdf
3. Hyperlink to personal data protection training program https://puertoaltamira.com.mx/upl/sec/PCTAIPDP_2023_ASIPONA_ALTAMIRA.pdf
4. Hyperlink to the document in which the supervision and surveillance systems are specified In the process of updating
5. Hyperlink to the document in which the person responsible establishes the procedure for receiving and answering questions and complaints from the owners regarding the protection of personal data. In the process of updating
Section 2: Duties
Section 2: Duties
Variable and format 2.1 Security duty
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Hyperlink to the public version of the security document of the person responsible, testing only what is related to the work plan that also contains the risk and gap analysis

Under no circumstances should the complete security document held by the person responsible be included in this section. The security document must be published protecting the respective work plan, risk analysis and gap analysis; which implies that if they are left visible, without exception, it will be considered a non-compliance with this criterion.

 In the process of updating
2. Hyperlink to the document that contains the internal policies for the management and processing of personal data In the process of updating
Variable and format 2.2 Duty of confidentiality and communications of personal data
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Hyperlink to the document through which the controls aimed at ensuring the confidentiality that must be maintained by all persons involved in any phase of the processing of personal data are established. Controls must be clearly identified in a simple manner. In the process of updating
2. Hyperlink to the document containing the list of legal instruments that regulate the relationship with those in charge, which will establish as a general clause the maintenance of confidentiality regarding the personal data processed by the person in charge. The document must contain the name and hyperlink of the public version of each legal instrument and its purpose, as well as indicate whether these include the general confidentiality clause.

If it does not apply, the person responsible must specify that to date there is no Manager(s).

 In the process of updating
3. Hyperlink to the document that contains the list of legal instruments through which the contracting or adhesion to services, applications and infrastructure in cloud computing and other matters is formalized, in which the general contracting conditions or clauses are established, including those in which the provider(s) are obliged to maintain confidentiality regarding the personal data on which the service is provided. The document must contain the name and hyperlink of the public version of each legal instrument, its purpose and indicate whether they include the general conditions or clauses of the contract, as well as the general confidentiality clause.

If it does not apply, the person responsible must specify that to date there is no provider(s) of services, applications and infrastructure in cloud computing and other matters.

 In the process of updating
4. Hyperlink to the document that contains the list of legal instruments through which transfers of personal data are formalized, and in which the recipient of the personal data is obliged to guarantee the confidentiality of the personal data being processed. The document must contain the name and hyperlink of the public version of each legal instrument, its purpose, a brief description of the way in which the consent of the owner was obtained, or specify any of the exceptions established in articles 22 section II. and/or 70 of the General Law; means or form by which the person responsible communicated to the recipient of the personal data, the privacy notice in accordance with which the personal data is processed against the owner; as well as indicate if these include the general confidentiality clause

If it does not apply, the person responsible must specify that to date no transfers have been made, or that it does not apply because one of the assumptions established in article 66 sections I and II of the General Law are updated.

 In the process of updating
Section 3: Exercise of Arco rights
Section 3: Exercise of Arco rights
Variable and format 3.1 Mechanisms for the exercise of ARCO rights
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Hyperlink of the document that contains the means and procedures enabled by the person responsible to respond to requests for the exercise of ARCO rights
2. Hyperlink to the document that details the following information related to requests for the exercise of the right of Access to personal data received by the obligated subject:

a) Number of applications received

b) Number of requests attended to within the established legal deadline

c) Number of requests that were not attended to within the established legal deadline

If you have not received requests to exercise the right of Access to personal data, you must specify it in this format without it being necessary to publish any document.

 In the process of updating
3. Hyperlink to the document that details the following information related to requests for the exercise of the right to Rectification of personal data received by the obligated subject:

a) Number of applications received

b) Number of requests attended to within the established legal deadline

c) Number of requests that were not attended to within the established legal deadline

If you have not received requests to exercise the right to Rectify personal data, you must specify it in this format without it being necessary to publish any document.

 In the process of updating
4. Hyperlink to the document that details the following information related to requests for the exercise of the right to Cancel personal data received by the obligated subject:

a) Number of applications received

b) Number of requests attended to within the established legal deadline

c) Number of requests that were not attended to within the established legal deadline

If you have not received requests to exercise the right to Cancel personal data, you must specify it in this format without it being necessary to publish any document.

 In the process of updating
5. Hyperlink to the document that details the following information related to requests for the exercise of the right to Oppose the processing of personal data received by the obligated subject:

a) Number of applications received

b) Number of requests attended to within the established legal deadline

c) Number of requests that were not attended to within the established legal deadline

If you have not received requests to exercise the right to Oppose the processing of personal data, you must specify it in this format without it being necessary to publish any document.

 In the process of updating
Section 4: Portability
Section 4: Portability
Variable and format 4.1 Portability of personal data
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Indicate whether the obligated subject processes personal data by automated or electronic means (Yes / No)

If personal data is not processed by automated or electronic means, the following legend must be included:

“The (name of the obligated subject) does not process personal data by automated or electronic means.”

If you do not do so, you must omit publishing information in the following criteria of this variable

 

 In the process of updating
2. Indicate whether it uses an electronic format that is accessible and readable by automated means, that is, that the latter can identify, recognize, extract, explore or perform any other operation with specific personal data (Yes / No) In the process of updating
3. Indicate if the format used allows the reuse and/or exploitation of personal data (Yes / No) In the process of updating
4. Document that contains the hyperlink to the comprehensive privacy notice(s) for each processing of personal data in which it is possible to request their portability, where the types or categories of personal data that are technically portable are established. ; the types of structured and commonly used formats available to obtain or transmit their personal data, and the mechanisms, means and procedures available so that the owner can request the portability of their personal data. Said document must contain the following information:

a) Name of the processing of personal data that allows portability

b) Type of medium by which the privacy notice is disseminated (Physical / Electronic / Physical and Electronic / Optical / Sound / Visual / Other technology)

c) Physical place in which the owner can review the privacy notice

d) Hyperlink to the privacy notice published on the website of the person responsible

 In the process of updating
5. Indicate whether, in the event that the owner does not accompany his request with the storage medium for the preparation of the corresponding copy of his personal data, the obligated subject provides said storage medium (Yes / No) In the process of updating
6. Hyperlink to the document through which it establishes the administrative, physical and technical security measures for the transmission of personal data such as, but not limited to, user authentication mechanisms, secure connections, or using electronic means. encrypted transmission.

If it is a security document, it must include its public version. Under no circumstances should the complete security document held by the person responsible be included in this section. The security document must be published protecting the respective work plan, risk analysis and gap analysis; which implies that if they are left visible, without exception, it will be considered a non-compliance with this criterion.

 In the process of updating
Section 5: Preventive actions regarding the protection of personal data
Section 5: Preventive actions regarding the protection of personal data
Variable and format 5.1 Impact assessment on the protection of personal data
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Name of the public policy, program, system, platform, application or any other activity that involves intensive or relevant processing of personal data carried out.

If it does not apply, the person responsible must specify it and must omit entering information in the subsequent criteria of this variable.

 En proceso de actualización
2. The public policy, program, system, platform, application or any other activity that involves intensive or relevant processing of personal data carried out is subject to any of the exemptions from the presentation of impact assessment (Yes/No) In the process of updating
3. If the answer is affirmative, hyperlink to the exemption report issued by the INAI. You should omit entering information in the subsequent criteria of this variable.

In the event that the public policy, program, system, platform, application or any other activity that involves intensive or relevant processing of personal data carried out is not subject to any of the exemptions from the impact assessment presentation, publish the hyperlink to the impact evaluation delivered to the INAI

 In the process of updating
4. Hyperlink to the corresponding non-binding recommendations opinion issued by the INAI In the process of updating
Section 6: Persons responsible for the Protection of Personal Data
Section 6: Persons responsible for the Protection of Personal Data
Variable and format 6.1 The Transparency Committee and the Transparency Unit
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means
1. Indicate if you have a Transparency Committee (Yes/No)

If the answer is negative, you must omit entering information in the subsequent criteria of this format.

 In the process of updating
2. Hyperlink to the document containing the established and implemented internal procedures that ensure greater efficiency in the management of requests for the exercise of ARCO rights In the process of updating
3. Hyperlink to the specific criteria established by the Committee for the best observance of the General Law and those provisions applicable to the matter In the process of updating
4. Hyperlink to the training and updating program for the responsible public servants established by the Committee In the process of updating
5. Indicate if you have a Transparency Unit (Yes/No).

If the answer is negative, you must omit entering information in the subsequent criteria of this variable.

 In the process of updating
6. Indicate whether the Transparency Unit is the area in charge of managing requests for the exercise of ARCO rights (YES / No) In the process of updating
7. Hyperlink to the document that contains the mechanisms established by the Transparency Unit to ensure that personal data is only delivered to its owner or his duly accredited representative In the process of updating
8. Hyperlink to the document through which the person responsible makes known to the general public the costs for the reproduction and sending of the personal data requested, based on the provisions of the applicable regulatory provisions. In the process of updating
9. Hyperlink to the document that contains the instruments applied to evaluate the quality of the management of requests for the exercise of ARCO rights In the process of updating
10. Hyperlink to the document that lists the agreement(s) made with specialized public institutions to assist in the reception, processing and delivery of responses to requests for personal data, in indigenous language, Braille or any corresponding accessible format, in a more efficient manner. In the process of updating
Variable and format 6.2 Personal Data Protection Officer
Fiscal year (year) for which the information is presented
 (2023)
Information publication date

 

 (21/06/2023)
Date of last update (21/06/2023)
N.
Criterion
Verification means/strong>
1. Carry out intensive or relevant personal data processing (Yes/No) In the process of updating
2. Hyperlink to the document through which the controller designated the Personal Data Protection Officer In the process of updating

 

 

Date for last update: 21/06/2023 (19:30 Horas)