Español
Mexico
Getty Images
Supplemental Privacy Statement
At Pan‑American Life Insurance Group, Inc. and its controlled affiliates, subsidiaries, and branches (collectively, “PALIG”) we are committed to protecting your privacy. Part of that commitment is making sure we follow U.S. state and country specific privacy laws and regulations. This section complements our Privacy Policy; please make sure to read that document as well to have a comprehensive view of our privacy practices. If you need to review a country’s specific privacy practices, please select the appropriate country from the menu at the top of the page.
All definitions used in this section are based on the California Consumer Privacy Act (“CCPA”), unless otherwise noted. For the purposes of this section, “Personal Information” is information that identifies, relates to, or could reasonably be linked with a particular resident or household.
Collection of Personal Information
During the past 12 months, PALIG may have collected the following types of personal information about you:
Category | Examples |
|---|---|
Identifiers | Name, contact information, unique personal identifier, online identifier, Internet Protocol address, account name, Social Security number, driver's license number, passport number, among others |
Personal information | Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, health insurance information, or benefits information |
Characteristics of protected classifications | Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex, sexual orientation, veteran or military status, genetic information |
Commercial information | Transaction information and purchase history, such as records of personal property, products or services purchased, obtained, or considered |
Biometric information | Fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data |
Internet or other similar activities | Browsing history, search history, information on a consumer's interaction with our website, application, or advertisement |
Geolocation data | Physical location or movement about a particular individual or device |
Audio, electronic, visual and similar information | Call and video recordings |
Professional or employment‑related information | Current or past job history or performance evaluations |
Inferences drawn from other personal information | Profile reflecting a person's preferences, characteristics, trends, and attitudes |
As expressed in our , we can obtain these categories of personal information from:
- Information collected from direct interactions with you
- Information collected directly from website visitors
- Information collected from portal visits
- Information collected by automated means
Use of Personal Information
We use your information to provide you a service, for example, to provide you a quote or create an account in our website.
- To administer your policy, for example, to bill you, communicate with you or administer a claim.
- To provide you newsletters or offer you new products.
- To invite you to our events.
- To manage your accounts with us.
- To process your transactions and payments.
- To provide you customer service.
- To personalize our website and give you and experience relevant to your needs and interests.
- To keep our website, products and services up to date, secure and accurate.
- To perform identity verification.
- For research, product development and benchmarking.
- To respond to law enforcement requests, when applicable, and to comply with our internal policies and procedures.
- To protect our business operations, secure our network and information technology, assets and services.
- To prevent and detect fraud, unauthorized activities, unauthorized access and other misconduct.
- To operate, manage, and maintain our business, perform accounting and audits.
- To maintain records.
- To enhance the ability of visitors to browse and load website content.
- Disclosure of personal Information
Sharing Personal Information
Categories of Personal Information | Our Affiliates | Our Business Partners | Our Social Media Networks | Third Party Marketing Partners | Benefit plan’s plan sponsor or plan administrator |
|---|---|---|---|---|---|
Identifiers | X | X | X | X | |
Personal information | X | X | X | ||
Characteristics of protected classifications | X | X | X | ||
Commercial information | X | X | X | X | |
Biometric information | X | X | X | ||
Internet or other similar activities | X | X | X | X | |
Geolocation data | X | X | X | X | X |
Audio, electronic, visual and similar information | X | X | |||
Professional or employment‑related information | X | ||||
Inferences drawn from other personal information | X | X | X |
PALIG may be required to disclose all categories of personal information with law enforcement, regulatory agencies, or litigants based on legally enforceable requests for this information.
We Do Not Sell your Information: We will not sell your personal information to anyone, for any purpose. Likewise, we do not engage in the use automated means to make decisions that involve sensitive information.
Your Rights
Some of the U.S states and countries where we operate have a specific list of rights that their residents can exercise. Please search the list below to identify your rights based on your state/country of residence.
To exercise your privacy rights, you must submit a verifiable request here. Once we receive and verify this request, we will strive to respond to all legitimate request within thirty (30) days the number of days, unless an exception applies. You may have the right to appeal our decision regarding your request. To file for an appeal click here.
We will not discriminate against you for exercising your privacy rights. Once you exercise your rights, we will not:
- Deny you services.
- Charge you different prices or rates, or impose penalties.
- Provide you a different level or quality of services.
- You may authorize an agent to submit a privacy request on your behalf. Please note, requests submitted by authorized agent also require verification of your identity before processing.
Changes to this Policy
We may change or update this Policy from time to time. When we do, we will post the revised Policy on this page with a new “Last Updated” date.
Right to Request Accessible Alternative Format
This Policy has been designed to be accessible to people with disabilities. If you are having difficulty viewing or navigating the content on this Policy, please email our team at adacompliance@palig.com with “Disabled Access” in the subject line. You can also reach us via phone by calling 1‑877‑939‑4550.
Last Updated May 2024
At Pan‑American Life Insurance Group, Inc. and its controlled affiliates, subsidiaries, and branches (collectively, “PALIG”) we are committed to protecting your privacy. Part of that commitment is making sure we follow U.S. state and country specific privacy laws and regulations. This section complements our Privacy Policy; please make sure to read that document as well to have a comprehensive view of our privacy practices. If you need to review a country’s specific privacy practices, please select the appropriate country from the menu at the top of the page.
All definitions used in this section are based on the California Consumer Privacy Act (“CCPA”), unless otherwise noted. For the purposes of this section, “Personal Information” is information that identifies, relates to, or could reasonably be linked with a particular resident or household.
Collection of Personal Information
During the past 12 months, PALIG may have collected the following types of personal information about you:
Category | Examples |
|---|---|
Identifiers | Name, contact information, unique personal identifier, online identifier, Internet Protocol address, account name, Social Security number, driver's license number, passport number, among others |
Personal information | Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, health insurance information, or benefits information |
Characteristics of protected classifications | Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex, sexual orientation, veteran or military status, genetic information |
Commercial information | Transaction information and purchase history, such as records of personal property, products or services purchased, obtained, or considered |
Biometric information | Fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data |
Internet or other similar activities | Browsing history, search history, information on a consumer's interaction with our website, application, or advertisement |
Geolocation data | Physical location or movement about a particular individual or device |
Audio, electronic, visual and similar information | Call and video recordings |
Professional or employment‑related information | Current or past job history or performance evaluations |
Inferences drawn from other personal information | Profile reflecting a person's preferences, characteristics, trends, and attitudes |
As expressed in our , we can obtain these categories of personal information from:
- Information collected from direct interactions with you
- Information collected directly from website visitors
- Information collected from portal visits
- Information collected by automated means
Use of Personal Information
We use your information to provide you a service, for example, to provide you a quote or create an account in our website.
- To administer your policy, for example, to bill you, communicate with you or administer a claim.
- To provide you newsletters or offer you new products.
- To invite you to our events.
- To manage your accounts with us.
- To process your transactions and payments.
- To provide you customer service.
- To personalize our website and give you and experience relevant to your needs and interests.
- To keep our website, products and services up to date, secure and accurate.
- To perform identity verification.
- For research, product development and benchmarking.
- To respond to law enforcement requests, when applicable, and to comply with our internal policies and procedures.
- To protect our business operations, secure our network and information technology, assets and services.
- To prevent and detect fraud, unauthorized activities, unauthorized access and other misconduct.
- To operate, manage, and maintain our business, perform accounting and audits.
- To maintain records.
- To enhance the ability of visitors to browse and load website content.
- Disclosure of personal Information
Sharing Personal Information
Categories of Personal Information | Our Affiliates | Our Business Partners | Our Social Media Networks | Third Party Marketing Partners | Benefit plan’s plan sponsor or plan administrator |
|---|---|---|---|---|---|
Identifiers | X | X | X | X | |
Personal information | X | X | X | ||
Characteristics of protected classifications | X | X | X | ||
Commercial information | X | X | X | X | |
Biometric information | X | X | X | ||
Internet or other similar activities | X | X | X | X | |
Geolocation data | X | X | X | X | X |
Audio, electronic, visual and similar information | X | X | |||
Professional or employment‑related information | X | ||||
Inferences drawn from other personal information | X | X | X |
PALIG may be required to disclose all categories of personal information with law enforcement, regulatory agencies, or litigants based on legally enforceable requests for this information.
We Do Not Sell your Information: We will not sell your personal information to anyone, for any purpose. Likewise, we do not engage in the use automated means to make decisions that involve sensitive information.
Your Rights
Some of the U.S states and countries where we operate have a specific list of rights that their residents can exercise. Please search the list below to identify your rights based on your state/country of residence.
To exercise your privacy rights, you must submit a verifiable request here. Once we receive and verify this request, we will strive to respond to all legitimate request within thirty (30) days the number of days, unless an exception applies. You may have the right to appeal our decision regarding your request. To file for an appeal click here.
We will not discriminate against you for exercising your privacy rights. Once you exercise your rights, we will not:
- Deny you services.
- Charge you different prices or rates, or impose penalties.
- Provide you a different level or quality of services.
- You may authorize an agent to submit a privacy request on your behalf. Please note, requests submitted by authorized agent also require verification of your identity before processing.
Changes to this Policy
We may change or update this Policy from time to time. When we do, we will post the revised Policy on this page with a new “Last Updated” date.
Right to Request Accessible Alternative Format
This Policy has been designed to be accessible to people with disabilities. If you are having difficulty viewing or navigating the content on this Policy, please email our team at adacompliance@palig.com with “Disabled Access” in the subject line. You can also reach us via phone by calling 1‑877‑939‑4550.
Last Updated May 2024
Country Regulation
Pan‑American México, Compañía de Seguros, S.A. de C.V. Privacy Notice
I. Identity and Address of the Data Controller
Pan‑American México, Compañía de Seguros, S.A. de C.V. (here in after referred to as the “Company”), is an insurance company authorized to operate in the Life, Accident, and Health insurance sectors, incorporated in accordance with the Mexican Insurance and Bonding Companies Law (LISF, by its initial in Spanish), with its registered address at Av. Paseo de la Reforma 412, Suite 1501, Colonia Juárez, Cuauhtémoc , C.P. 06600, Mexico City.
The Company is responsible for the processing of personal data collected in connection with the legal relationship it maintains with you, whether in your capacity as policyholder, insured, beneficiary, prospective client, or visitor to our facilities, and in relation to your interest in the protection provided by an insurance policy issued by the Company.
Personal data may be collected directly or through our Insurance Agents, representatives, or third parties who, in compliance with their obligations, are required to submit or transfer such information to the Company. Data collection may be carried out through printed forms, electronic, optical, audio, visual means, or any other available technology.
II. Personal Data to Be Processed
The categories of personal data that the Company may request and use for the purposes of the services it provides include the following: identification and gender data; contact and address information; occupational data; financial data; educational background; transit and immigration data; as well as data related to administrative and judicial matters.
Additionally, depending on the type of insurance, the Company may process the following categories of Sensitive Personal Data: health status; personal characteristics and habits; and physical traits. The processing of these sensitive data requires your express authorization, which shall be considered granted with respect to any data provided directly by you or through an authorized intermediary. These data are subject to evaluation and are invariably included with your application or, once the risk has been accepted by the Company, become part of the insurance policy and other contractual documentation issued in your favor, whether as the insured, primary insured, beneficiary, or dependent insured. This is evidenced by an individual certificate or the cover page of the policy.
Your authorization or consent shall be understood as expressly granted when you provide your personal data directly to any person authorized to receive such information on behalf of the Company, for the purpose of maintaining the contracted insurance product and processing claims for benefits under the policy issued or to be issued.
III. Means of Obtaining Personal Data
Personal data, in accordance with the categories and subcategories previously mentioned, may be obtained by the Company through the following means:
- Directly: When you provide them personally at our offices, through authorized officers or employees, or via intermediaries. Data may also be collected through remote means, whether electronic or physical, including our website, images, email, or telephone contact center.
- Indirectly: Through transfers made by authorized individuals or entities, via publicly accessible sources, or when the data have been generated as a result of an existing legal relationship or one that may be established with the Company.
IV. Primary Purposes of the Processing
The personal data collected will be processed to fulfill all purposes related to the legal relationship established with the Company, as well as the legal and contractual obligations arising therefrom. Specifically, and depending on the type of data subject, the primary purposes include:
- General Visitors (for security and surveillance purposes): When necessary for the protection of individuals, their belongings, and the movable and immovable property located within the Company’s premises. This includes monitoring through video surveillance cameras at physical access points, as well as logging electronic access to our websites.
- Clients: (Including applicants, real owners, policyholders, trustors, insured parties, and beneficiaries): Personal data will be processed for the following purposes:
- Identification of the data subject.
- Evaluation of insurance applications and risk selection.
- Inclusion as an insured party under group policies.
- Determination of applicable premiums, deductibles, and coverages.
- Issuance, maintenance, administration, and renewal of policies.
- Claims handling and management.
- Contacting family members in case of emergency.
- Requesting references, conducting inquiries, investigations, and reviews related to claims, complaints, or disputes.
- Provision of services derived from policies through the Company’s provider network.
- Fraud prevention and detection of operations involving illicit funds.
- Preparation of statistical studies.
- Compliance with obligations and exercise of rights under the Mexican Insurance Contract Law, the Mexican Insurance and Bonding Companies Law, and other applicable legislation.
V. Secondary Purposes of the Processing
Your personal data may be processed for the offering and promotion of goods, products, and services and/or for marketing and commercial prospecting purposes, both by the Company and by its business partners who offer complementary or related services to those provided by the Company. This will only occur if you grant your consent for such purposes, in accordance with the provisions of Section XIV of Article 294 of the Mexican Insurance and Bonding Companies Law.
VI. Transfers of Personal Data
The Company informs you that it may transfer your personal data to third parties solely for the primary purposes described in this Privacy Notice. Such transfers may be made to:
- Service providers: For service delivery, claims handling, and policy administration.
- Insurance agents and the distributors network: For issuance, maintenance, renewal, and other services related to the policy.
- Regulatory, governmental, and judicial authorities: For compliance with legal provisions, preparation of statistical studies, and prevention of operations involving illicit funds.
- Other insurance institutions and industry associations: For underwriting, investigation, payment of claims, and fraud prevention.
Additionally, the Company may transfer your personal data to third parties for the secondary purposes outlined in this Notice. In such cases, your consent will be deemed granted unless you express your refusal upon becoming aware of this Notice, either directly, in person, or via email addressed to the Privacy Officer.
If the Company needs to transfer financial and/or sensitive personal data for secondary purposes or for any other purpose not contemplated in this Notice, you will be informed in advance and your express written consent will be obtained, or through other appropriate means.
All personal data processed for primary and/or secondary purposes will be duly safeguarded and protected by the Company, in its capacity as Data Controller. Once the purposes have been fulfilled, the data will be suppressed following a blocking period and will remain stored for a period of seventy‑two (72) months, counted from the date the processing purposes conclude.
During this period, the data will remain blocked and may not be subject to processing, except for legal liability purposes. After this period, the data will be permanently deleted from the databases of both the Company and any third parties that may have processed them.
VII. Means for Exercising the Rights to Access, Rectification, Erasure, and Objection
You, or your duly authorized legal representative, may exercise your rights of Access, Rectification, Cancellation, or Opposition (ARCO) with respect to your personal data at any time. To do so, you must submit the form titled “Exercise of ARCO Rights,” available at or at our offices, along with the corresponding documentation, to the Privacy Officer.
The ARCO rights allow you to:
- Access: You may request information regarding the personal data processed by the Company. Such data may be provided in printed copies or through electronic means.
- Rectification: You may request the correction of one or more of your personal data, for which you must provide supporting documentation that justifies the requested change.
- Opposition: You may object to the processing of your personal data for a specific purpose. Please note that processing for primary purposes is essential for fulfilling the Company’s obligations under the insurance contract and applicable laws.
- Cancellation: You may request the deletion of your personal data, provided that such data are no longer necessary for the established relationship and are not required to be retained by the Company for a minimum period under applicable law. The cancellation process involves a blocking period, after which the data will be deleted. During the blocking period, the data may only be retained to address potential legal liabilities. The blocking period will correspond to the statute of limitations applicable to legal actions arising from the relationship that gave rise to the data processing. Once the cancellation process is complete, you or your representative will be notified.
The exercise of these rights is free of charge; however, the Company may require payment for justified expenses related to shipping or reproduction of the requested information.
Once your complete request is received, the Company will respond within a maximum of 20 business days. If the request is approved, it will be implemented within the following 15 business days. In the event of a total or partial denial, in accordance with the grounds established in Article 33 of the Federal Law on the Protection of Personal Data Held by Private Parties, the Company will inform you or your representative of the reason for its decision using the same communication method and within the established timeframes, attaching, where applicable, the evidence supporting such determination.
VIII. Means to Limit the Use and Disclosure of Personal Data
The processing of your personal data is essential for fulfilling the activities and obligations arising from the Insurance Contract, as well as the legal provisions applicable to the Company. Therefore, it is not possible to limit the processing of your personal data with respect to the primary purposes established in this Privacy Notice.
However, in the case of Sensitive Personal Data, the Company will limit its processing to the minimum necessary, in accordance with the terms of the relevant insurance contract or policy, and only for the time strictly required to fulfill such purposes.
Regarding the processing of your personal data for secondary purposes, you may limit its use and disclosure through the following options:
Sending a request to the Company’s Privacy Officer via email at: privacidad.mx@palig.com.
Requesting inclusion in the exclusion lists maintained by the Company for this purpose, in order to prevent the use of your personal data for marketing, advertising, or commercial prospecting purposes.
Additionally, when your personal data is collected through electronic means (Internet), the Company may automatically obtain information for statistical and commercial prospecting purposes, as permitted by applicable legislation.
IX. Revocation of Consent
You may revoke, at any time, the consent you have granted for the processing of your personal data by submitting a request to the Company’s Privacy Officer via email at: privacidad.mx@palig.com.
Please note that revoking your consent may result in the inability to continue providing the contracted services and may lead to the termination of the legal relationship with the Company, including, where applicable, the cancellation of the Insurance Contract.
X. Security Measures for the Processing of Personal Data
The Company has implemented effective and corrective administrative, technical, and physical security measures to protect your personal data against damage, loss, alteration, destruction, and unauthorized use, access, or processing, both by the Company and by any third party involved in its processing.
XI. Means of Communicating the Privacy Notice and Any Changes to the Privacy Notice
This Privacy Notice, as well as any modifications there to, will be available for consultation on the Company’s official website: , and through notices posted at our offices. Nevertheless, the foregoing, such modifications may also be communicated through any other means the Company considers appropriate.
XII. Contact Information of the Privacy Officer
Email: privacidad.mx@palig.com
Address: Av. Paseo de la Reforma 412, Suite 1501, Colonia Juárez, Cuauhtémoc, Mexico City, C.P. 06600.
XIII. Consent to the Privacy Notice
Having read, explained, and disclosed this Privacy Notice to the Data Subject, the Data Subject hereby grants express consent for the processing of their personal data, including sensitive, financial, and asset‑related data, in accordance with the purposes described in this Notice.
Likewise, the Data Subject grants express consent for the transfer of their personal data under the terms established in this Privacy Notice.
Finally, in the event that you have provided personal, sensitive, financial, or asset‑related data of other data subjects through your conduct, you also accept and acknowledge the obligation to inform such data subjects of this Privacy Notice, explain the purposes of the data processing, and direct them to the Company’s website where this Notice is available. You also agree to inform them that you have provided their sensitive, financial, and/or asset‑related personal data. If applicable, you further accept and acknowledge your obligation to provide your own privacy notice and to safeguard and protect the personal data disclosed to you in your capacity as the data controller.
Date of last update: June 30, 2025.
Pan‑American México, Compañía de Seguros, S.A. de C.V. Privacy Notice
I. Identity and Address of the Data Controller
Pan‑American México, Compañía de Seguros, S.A. de C.V. (here in after referred to as the “Company”), is an insurance company authorized to operate in the Life, Accident, and Health insurance sectors, incorporated in accordance with the Mexican Insurance and Bonding Companies Law (LISF, by its initial in Spanish), with its registered address at Av. Paseo de la Reforma 412, Suite 1501, Colonia Juárez, Cuauhtémoc , C.P. 06600, Mexico City.
The Company is responsible for the processing of personal data collected in connection with the legal relationship it maintains with you, whether in your capacity as policyholder, insured, beneficiary, prospective client, or visitor to our facilities, and in relation to your interest in the protection provided by an insurance policy issued by the Company.
Personal data may be collected directly or through our Insurance Agents, representatives, or third parties who, in compliance with their obligations, are required to submit or transfer such information to the Company. Data collection may be carried out through printed forms, electronic, optical, audio, visual means, or any other available technology.
II. Personal Data to Be Processed
The categories of personal data that the Company may request and use for the purposes of the services it provides include the following: identification and gender data; contact and address information; occupational data; financial data; educational background; transit and immigration data; as well as data related to administrative and judicial matters.
Additionally, depending on the type of insurance, the Company may process the following categories of Sensitive Personal Data: health status; personal characteristics and habits; and physical traits. The processing of these sensitive data requires your express authorization, which shall be considered granted with respect to any data provided directly by you or through an authorized intermediary. These data are subject to evaluation and are invariably included with your application or, once the risk has been accepted by the Company, become part of the insurance policy and other contractual documentation issued in your favor, whether as the insured, primary insured, beneficiary, or dependent insured. This is evidenced by an individual certificate or the cover page of the policy.
Your authorization or consent shall be understood as expressly granted when you provide your personal data directly to any person authorized to receive such information on behalf of the Company, for the purpose of maintaining the contracted insurance product and processing claims for benefits under the policy issued or to be issued.
III. Means of Obtaining Personal Data
Personal data, in accordance with the categories and subcategories previously mentioned, may be obtained by the Company through the following means:
- Directly: When you provide them personally at our offices, through authorized officers or employees, or via intermediaries. Data may also be collected through remote means, whether electronic or physical, including our website, images, email, or telephone contact center.
- Indirectly: Through transfers made by authorized individuals or entities, via publicly accessible sources, or when the data have been generated as a result of an existing legal relationship or one that may be established with the Company.
IV. Primary Purposes of the Processing
The personal data collected will be processed to fulfill all purposes related to the legal relationship established with the Company, as well as the legal and contractual obligations arising therefrom. Specifically, and depending on the type of data subject, the primary purposes include:
- General Visitors (for security and surveillance purposes): When necessary for the protection of individuals, their belongings, and the movable and immovable property located within the Company’s premises. This includes monitoring through video surveillance cameras at physical access points, as well as logging electronic access to our websites.
- Clients: (Including applicants, real owners, policyholders, trustors, insured parties, and beneficiaries): Personal data will be processed for the following purposes:
- Identification of the data subject.
- Evaluation of insurance applications and risk selection.
- Inclusion as an insured party under group policies.
- Determination of applicable premiums, deductibles, and coverages.
- Issuance, maintenance, administration, and renewal of policies.
- Claims handling and management.
- Contacting family members in case of emergency.
- Requesting references, conducting inquiries, investigations, and reviews related to claims, complaints, or disputes.
- Provision of services derived from policies through the Company’s provider network.
- Fraud prevention and detection of operations involving illicit funds.
- Preparation of statistical studies.
- Compliance with obligations and exercise of rights under the Mexican Insurance Contract Law, the Mexican Insurance and Bonding Companies Law, and other applicable legislation.
V. Secondary Purposes of the Processing
Your personal data may be processed for the offering and promotion of goods, products, and services and/or for marketing and commercial prospecting purposes, both by the Company and by its business partners who offer complementary or related services to those provided by the Company. This will only occur if you grant your consent for such purposes, in accordance with the provisions of Section XIV of Article 294 of the Mexican Insurance and Bonding Companies Law.
VI. Transfers of Personal Data
The Company informs you that it may transfer your personal data to third parties solely for the primary purposes described in this Privacy Notice. Such transfers may be made to:
- Service providers: For service delivery, claims handling, and policy administration.
- Insurance agents and the distributors network: For issuance, maintenance, renewal, and other services related to the policy.
- Regulatory, governmental, and judicial authorities: For compliance with legal provisions, preparation of statistical studies, and prevention of operations involving illicit funds.
- Other insurance institutions and industry associations: For underwriting, investigation, payment of claims, and fraud prevention.
Additionally, the Company may transfer your personal data to third parties for the secondary purposes outlined in this Notice. In such cases, your consent will be deemed granted unless you express your refusal upon becoming aware of this Notice, either directly, in person, or via email addressed to the Privacy Officer.
If the Company needs to transfer financial and/or sensitive personal data for secondary purposes or for any other purpose not contemplated in this Notice, you will be informed in advance and your express written consent will be obtained, or through other appropriate means.
All personal data processed for primary and/or secondary purposes will be duly safeguarded and protected by the Company, in its capacity as Data Controller. Once the purposes have been fulfilled, the data will be suppressed following a blocking period and will remain stored for a period of seventy‑two (72) months, counted from the date the processing purposes conclude.
During this period, the data will remain blocked and may not be subject to processing, except for legal liability purposes. After this period, the data will be permanently deleted from the databases of both the Company and any third parties that may have processed them.
VII. Means for Exercising the Rights to Access, Rectification, Erasure, and Objection
You, or your duly authorized legal representative, may exercise your rights of Access, Rectification, Cancellation, or Opposition (ARCO) with respect to your personal data at any time. To do so, you must submit the form titled “Exercise of ARCO Rights,” available at or at our offices, along with the corresponding documentation, to the Privacy Officer.
The ARCO rights allow you to:
- Access: You may request information regarding the personal data processed by the Company. Such data may be provided in printed copies or through electronic means.
- Rectification: You may request the correction of one or more of your personal data, for which you must provide supporting documentation that justifies the requested change.
- Opposition: You may object to the processing of your personal data for a specific purpose. Please note that processing for primary purposes is essential for fulfilling the Company’s obligations under the insurance contract and applicable laws.
- Cancellation: You may request the deletion of your personal data, provided that such data are no longer necessary for the established relationship and are not required to be retained by the Company for a minimum period under applicable law. The cancellation process involves a blocking period, after which the data will be deleted. During the blocking period, the data may only be retained to address potential legal liabilities. The blocking period will correspond to the statute of limitations applicable to legal actions arising from the relationship that gave rise to the data processing. Once the cancellation process is complete, you or your representative will be notified.
The exercise of these rights is free of charge; however, the Company may require payment for justified expenses related to shipping or reproduction of the requested information.
Once your complete request is received, the Company will respond within a maximum of 20 business days. If the request is approved, it will be implemented within the following 15 business days. In the event of a total or partial denial, in accordance with the grounds established in Article 33 of the Federal Law on the Protection of Personal Data Held by Private Parties, the Company will inform you or your representative of the reason for its decision using the same communication method and within the established timeframes, attaching, where applicable, the evidence supporting such determination.
VIII. Means to Limit the Use and Disclosure of Personal Data
The processing of your personal data is essential for fulfilling the activities and obligations arising from the Insurance Contract, as well as the legal provisions applicable to the Company. Therefore, it is not possible to limit the processing of your personal data with respect to the primary purposes established in this Privacy Notice.
However, in the case of Sensitive Personal Data, the Company will limit its processing to the minimum necessary, in accordance with the terms of the relevant insurance contract or policy, and only for the time strictly required to fulfill such purposes.
Regarding the processing of your personal data for secondary purposes, you may limit its use and disclosure through the following options:
Sending a request to the Company’s Privacy Officer via email at: privacidad.mx@palig.com.
Requesting inclusion in the exclusion lists maintained by the Company for this purpose, in order to prevent the use of your personal data for marketing, advertising, or commercial prospecting purposes.
Additionally, when your personal data is collected through electronic means (Internet), the Company may automatically obtain information for statistical and commercial prospecting purposes, as permitted by applicable legislation.
IX. Revocation of Consent
You may revoke, at any time, the consent you have granted for the processing of your personal data by submitting a request to the Company’s Privacy Officer via email at: privacidad.mx@palig.com.
Please note that revoking your consent may result in the inability to continue providing the contracted services and may lead to the termination of the legal relationship with the Company, including, where applicable, the cancellation of the Insurance Contract.
X. Security Measures for the Processing of Personal Data
The Company has implemented effective and corrective administrative, technical, and physical security measures to protect your personal data against damage, loss, alteration, destruction, and unauthorized use, access, or processing, both by the Company and by any third party involved in its processing.
XI. Means of Communicating the Privacy Notice and Any Changes to the Privacy Notice
This Privacy Notice, as well as any modifications there to, will be available for consultation on the Company’s official website: , and through notices posted at our offices. Nevertheless, the foregoing, such modifications may also be communicated through any other means the Company considers appropriate.
XII. Contact Information of the Privacy Officer
Email: privacidad.mx@palig.com
Address: Av. Paseo de la Reforma 412, Suite 1501, Colonia Juárez, Cuauhtémoc, Mexico City, C.P. 06600.
XIII. Consent to the Privacy Notice
Having read, explained, and disclosed this Privacy Notice to the Data Subject, the Data Subject hereby grants express consent for the processing of their personal data, including sensitive, financial, and asset‑related data, in accordance with the purposes described in this Notice.
Likewise, the Data Subject grants express consent for the transfer of their personal data under the terms established in this Privacy Notice.
Finally, in the event that you have provided personal, sensitive, financial, or asset‑related data of other data subjects through your conduct, you also accept and acknowledge the obligation to inform such data subjects of this Privacy Notice, explain the purposes of the data processing, and direct them to the Company’s website where this Notice is available. You also agree to inform them that you have provided their sensitive, financial, and/or asset‑related personal data. If applicable, you further accept and acknowledge your obligation to provide your own privacy notice and to safeguard and protect the personal data disclosed to you in your capacity as the data controller.
Date of last update: June 30, 2025.