Privacy
Policy.

SoftDev.Mx develops and operates mobile applications, web platforms and digital products aimed primarily at users over the age of 18. This Privacy Policy clearly explains how we collect, use, store, share and protect your personal data when you interact with our sites, applications or services (collectively, the “Services”).

This policy was drafted to comply with Mexico's Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), as well as the data privacy requirements demanded by the distribution and authentication platforms we use or integrate with, including the Apple App Store, Google Play, and Meta Platforms, Inc. (Facebook, Instagram, WhatsApp).

Personal data processing is carried out by SoftDev.Mx, a trademark registered with the Mexican Institute of Industrial Property (IMPI), domiciled in San Luis Potosí, Mexico, acting as the controller responsible for the proper use, protection and processing of users' personal data.

For any questions or requests related to your privacy, you can contact us at: [email protected].

This policy applies to the use of our mobile applications, web platforms, connected systems, contact forms, social media integrations and any other digital channel operated by SoftDev.Mx, including our own SaaS products (WhatsApp Manager, FaceID Enterprise, CryptoVault, SignFlow, C-TPAT Access Control, POS + Inventory and SoftDev Real Estate).

Depending on how you use our applications or services, we may collect the following types of information:

a) Personal data provided by the user

• Name, email address, phone number or other contact details.
• Account or profile information created within the app.
• Content the user uploads or generates within the service (documents, messages, images), where applicable.

b) Technical or usage data

• Device type, operating system and version.
• IP address and time zone.
• Device or app-installation identifiers.
• Information about usage and activity within the application (events, clicks, navigation, diagnostic/crash logs).

c) Biometric data (only for products that explicitly require it)

Some of our products (for example, FaceID Enterprise or biometric access control systems) process facial templates or fingerprints solely for identity verification or identification purposes, under the express consent of the user or the corporate client operating the platform. This data is encrypted at rest and in transit, and is not used for any purpose other than the one authorized.

d) Permissions requested by the app

We only request permissions strictly necessary for the application to function (for example, camera access for biometric scanning, push notifications). We never access sensitive information without explicit consent, and permissions can be revoked at any time from your device settings.

e) Use of data from Meta platforms (Facebook, Instagram, WhatsApp)

If an application developed by SoftDev.Mx uses services from Meta Platforms, Inc. (such as Facebook Login, the WhatsApp Business API, the Instagram API or others), the information obtained is limited solely to data explicitly authorized by the user through the granted permissions.

This data may include, but is not limited to: name, user identifier, profile photo, email address, WhatsApp number, or other fields permitted by the platform. This information is used exclusively for:

• User authentication.
• Proper functioning of the application (for example, sending and receiving messages via the WhatsApp Business API).
• Communication related to the service.

SoftDev.Mx does not store, share or use this data for purposes other than those authorized, and complies with Meta's Platform Policies and Meta's Platform Terms for Developers.

Our website uses first- and third-party cookies to ensure basic site functionality, remember your preferences, and analyze site usage for statistical purposes.

• Essential cookies: necessary for the site to function (for example, remembering your light/dark theme preference or your cookie-notice decision). They do not require consent and cannot be disabled.
• Analytics cookies: we use Google Analytics and Microsoft Clarity to understand, in aggregate, how the site is used (pages visited, session duration, interaction heatmaps) and improve it. These tools load by default on every page.

The cookie notice lets you record your preference, but as of today it does not disable the loading of Google Analytics or Microsoft Clarity. If you wish to limit this tracking, you can do so from your browser settings (for example, enabling “Do Not Track”) or via tracker-blocking extensions. None of these tools are used to individually identify you outside of the site's aggregate analytics.

We collect your data for the following purposes:

• Enabling the correct and secure operation of our applications.
• Improving the user experience and personalizing the interface.
• Providing technical support and resolving reported issues.
• Processing payments or transactions, where applicable.
• Complying with legal or contractual obligations.

We process your personal data based on: (a) your explicit consent when creating an account or accepting this policy; (b) the need to perform a contract or service you requested; (c) compliance with applicable legal obligations; and/or (d) our legitimate interest in maintaining the security and continuous improvement of our Services. You may withdraw your consent at any time without affecting the lawfulness of prior processing.

We do not share your personal data with third parties, except in the following cases:

• Technology service providers that help us operate our applications, such as cloud infrastructure (Microsoft Azure, Amazon Web Services, Google Cloud), payment processing (Stripe), messaging (Meta / WhatsApp Business API), and media file hosting.
• Legal requirements or duly substantiated court orders.
• Cases where the user has given explicit consent.

No personal data is sold, transferred or commercialized under any circumstance.

Some of our infrastructure providers (cloud and messaging) process information on servers located outside Mexico. In these cases, we ensure that such providers maintain adequate security and data protection measures, in accordance with their own privacy policies and applicable international standards.

We implement physical, technical and administrative security measures to protect your personal data against loss, unauthorized access, alteration or improper disclosure.

• Encryption of data in transit (HTTPS/TLS) and, where applicable, at rest.
• Secure authentication and role-based access control.
• Automated backups.
• Production infrastructure monitoring.

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, or while your account remains active, unless the law requires a longer period. It will subsequently be securely deleted or anonymized.

As the data subject, you have the right to:

• Access your personal data held by us.
• Rectify your data when it is inaccurate or incomplete.
• Erase your data when you believe it is no longer needed for the purposes described.
• Object to the processing of your data for specific purposes.
• Restrict the use or disclosure of your data and withdraw your consent at any time.
• Request data portability, where technically feasible.

You can exercise these rights by writing to us at [email protected].

You can request the deletion of your account and associated personal data at any time, in two ways:

• By sending a request to [email protected] indicating the application used and the email associated with your account.
• By completing the dedicated form at softdev.mx/service-delete-account, publicly available with no login required.

Once we receive your request, we will verify your identity and securely delete all information associated with your account within a maximum of 15 calendar days via the dedicated form, or 30 calendar days for general data-rights requests received by email, unless a legal obligation requires retention.

Our applications are intended exclusively for users over the age of 18 due to the technical, contractual or commercial nature of the services offered. We do not knowingly collect information from minors. If you become aware that a minor has provided information without appropriate consent, please contact us and we will delete it immediately.

SoftDev.Mx reserves the right to modify this Privacy Policy at any time. We will notify you of any material changes through the website or within the application itself. The last-updated date appears at the top of this document.

If you have questions about this Privacy Policy or wish to exercise your rights, write to us at: [email protected].