[DÓLARAPP MÉXICO S.A. de C.V.] (hereinafter DolarApp), with address at Calle Sur 105, Numero Exterior 1206, Colonia Aeronáutica Militar, Municipio Venustiano Carranza, CP 15970, Ciudad de México, publishes this Privacy Notice, in order to use and protect the Personal Data of its Users that are in our possession, and regulate its legitimate, controlled treatment and informed, in order to guarantee privacy and the right to self-determination and in compliance with the legal provisions regarding the protection of personal data such as the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP).

For this purpose, DolarApp reports the following:

For everything related to the treatment and protection of your Personal Data, you can contact us by sending an email to the following address community@dolarapp.io.

1. PURPOSE OF THE USE OF YOUR PERSONAL DATA

The personal information you provide us will be used for the following primary purposes:

• The fulfillment of the contractual relationship derived from the request and / or contracting of our products or services.
• Verify, confirm and validate your identity.
• Integrate your Identification File and Transaction History.
• Contact you in case of unusual activity, respond to requests for support or when required by any applicable law or authority.
• Manage, operate and monitor the services provided by DolarApp.
• Audit processes of the competent authorities.
• To comply with the notices provided for the prevention of money laundering with respect to vulnerable activities.

Your personal information may be used for the following secondary purposes:

• Send you offers of the services provided by DolarApp
• Prepare profiles of Clients to offer products and services.

In the event that the client does not want their personal data to be processed for these secondary purposes, they may at any time express it and oppose or revoke their consent; These actions will not be grounds for denial of the provision of services.

2. PERSONAL DATA TO BE COLLECTED

Paternal surname, maternal surname and name or names; country of birth, nationality, gender; date of birth; particular domicile of the country of residence and in case of having domicile in national territory, that one will also be collected, made up of the name of the street, avenue or thoroughfare in question, duly specified; exterior number and, where appropriate, interior number; colony or urbanization; city or town, federative entity, state, province, department or similar political demarcation that corresponds, if applicable; postal code and country; occupation, profession, activity or line of business in which the client is engaged; Unique Population Registry Code (CURP), Federal Taxpayers Registry; phone number; Email address; Standardized Banking Code (CLABE) in the Financial Institution and that corresponds to the User’s name. Likewise, official identification documents and the data of this identification (issuing authority and number), and, where appropriate, proof of address, digitized to verify the veracity of the data provided, will be requested.

3. SENSITIVE PERSONAL DATA

DolarApp will not request sensitive personal data, which in accordance with article 3, section VI of the LFPDPPP are: those personal data that affect the most intimate sphere of its owner, or whose improper use may give rise to discrimination or entail a risk serious for this one. In particular, those that may reveal aspects such as racial or ethnic origin, present and future health status, genetic information, philosophical and moral religious beliefs, union affiliation, political opinions, sexual preference are considered sensitive.

4. TRANSFER OF PERSONAL DATA

DolarApp may reveal or transfer your Personal Data at the request of the competent authority or in any other of the cases established in articles 10 and 37 of the LFPDPPP, for which the consent of the Holder of said personal data is not required, in accordance with the own LFPDPPP and its Regulations.

Additionally, DolarApp may share your Personal Data with:

1. Companies belonging to the DolarApp Corporate Group. That is, any affiliate, subsidiary or holding company of the company or any other company of this.
2. Suppliers that provide services to the company for the maintenance or fulfillment of the contractual relationship with its Users.
3. Providers of risk management, information security, providers of specialized software necessary to comply with the contractual relationship that unites us with our Users, providers of specialized software in fraud prevention and the like.

DolarApp has contracted with Synapse Financial  Technologies, Inc. (“Synapse”), a backend technology service provider that owns or otherwise has relationships with, (i) Synapse Brokerage LLC, an SEC-registered broker-dealer and member of FINRA and SIPC; (ii) Synapse Credit LLC, a state-licensed lender; and (iii) certain banks and financial institutions and service providers (each of the foregoing being a “Partner Financial Institution”). Among other services, Synapse assists DolarApp with “Know Your Customer” requirements and other obligations. For purposes of satisfying “Know Your Customer” requirements, DolarApp asks for your identifying information, such as your name, email address, tax identification number, address, telephone number, date of birth, videos, and photographs that may contain images of your face, including your driver’s license or government-issued identification number or card. DolarApp will also collect information pertaining to your account transactions. Your personal information will be shared with Synapse and will be subject to the Synapse Privacy Policy. Synapse will share your information as necessary with its Partner Financial Institutions and other  service providers in connection with providing their services. The privacy policies of Synapse, its affiliates and its Partner Financial Institutions can be found here.

The data may only be shared with third parties that comply with the purposes established in this notice. It should be noted that DolarApp will not sell, assign or transfer your personal data to third parties outside the company, its affiliates, subsidiaries and related parties, without your prior consent, with the understanding that the recipient of the data will assume the same obligations that correspond to DolarApp.

5. SECURITY MEASURES TO PROTECT PERSONAL DATA

Your personal information will be protected under strict confidentiality, and to prevent any damage, loss, alteration, destruction or use or improper or unauthorized disclosure, we have implemented physical, technical and administrative security measures in accordance with the Federal Law for the Protection of Personal Data in Possession of Individuals and its Regulations.

The User can revoke the consent, limit the use that, where appropriate, they have given us for the processing of their personal data and oppose the use of their personal data for secondary purposes. However, it is important that you bear in mind that not in all cases we will be able to respond to your request or terminate the use immediately, since it is possible that due to some legal obligation we will need to continue treating your personal data. Likewise, it must be considered that, for certain purposes, the revocation of consent will imply that we cannot continue to provide the service you requested, or the conclusion of your relationship with us.

To revoke your consent or limit the use of your personal data, you must submit your request to the following email info@dolarapp.io which must contain the following requirements (i) name of the owner of the information, their address and email or other means to communicate the response; (ii) documents that prove your identity or the corresponding legal representation; (iii) clear and precise description of the personal data or purposes for which the right of revocation or corresponding opposition is exercised; and (iv) any other element that facilitates the location of personal data.

6. ARCO RIGHTS AND REVOCATION OF CONSENT

In the terms allowed by the applicable regulations, it is your right to know what Personal Data we store, what we use them for and the conditions of use that DolarApp gives them, likewise, it is your right to request the correction of your personal information if it is out of date , whether inaccurate or incomplete, that we will delete your personal data from our records or databases when it considers that they are not being used in accordance with the principles, duties and obligations provided for in the regulations, as well as oppose the use of your personal data for specific purposes . All of the above known as ARCO rights.

You have the right to request at any time access, rectification, cancellation or opposition, regarding the personal data that concern you, unless it is not appropriate in terms of the applicable regulations, which we will inform you if the case arises.

For the exercise of any of the ARCO rights, the client must submit the respective request, in the following email info@dolarapp.io; Said request must contain the following requirements: (i) name of the owner of the information, his / her address and email or other means to communicate the response; (ii) documents that prove your identity or the corresponding legal representation; (iii) clear and precise description of the personal data with respect to which the corresponding right is exercised; and (iv) any other element that facilitates the location of personal data. The client has the obligation to observe the pertinent requirements for the exercise of their ARCO Rights. In the case of Rectification requests, the owner must also indicate the modifications to be made and provide the documentation that supports his request.

DolarApp will communicate to the owner of the information, by means of the email indicated for these purposes, the determination adopted regarding their request, within a maximum period of twenty days from the date it was received. If the request is appropriate, it will be effective within fifteen days from the date on which your response is communicated. These terms can be extended only once for an equal period, as long as the circumstances of the case justify it. In the case of requests for access to personal data, the delivery will proceed prior accreditation of the identity of the applicant or legal representative as appropriate.

7. USO DE COOKIES, WEB BEACONS O CUALQUIER OTRA TECNOLOGÍA SIMILAR O ANÁLOGA

«Cookies»: It is defined as a piece of programming information contained in a text file that is saved in your Internet browser or elsewhere on your hard drive. You can manage the acceptance of these directly in the preferences of your browser, taking into account that, if you decide to block them, you may not be able to access the content of our application. DolarApp may use cookies to distinguish your browser from others in our application, as well as to collect statistics on them.

«Web beacons»: DolarApp may use tracking technologies such as «web beacons» to collect data about your visits to the mobile application; Similar to «cookies», these are small electronic images embedded in web content or email messages, which are not normally visible to users and which allow us to generate almost personalized content to offer you a better experience when using our application. .

Through cookies and web beacons, DolarApp will not collect personal data.

Biometric Data: In the process of opening accounts remotely, we may collect and use information that identifies you through an image taken from the device you use to access our services. For more information please see the terms and conditions of our products and services.

8. CHANGES TO THE PRIVACY NOTICE

DolarApp may modify, change and / or update this Privacy Notice derived from new legal requirements; of our own needs for the products or services we offer; of our privacy practices; Changes in our business model, or other causes. We are committed to keeping you informed about the changes that this privacy notice may undergo, through our application or by email.

The User has the obligation to review the policies frequently in order to find out about the modifications. The entry into force of the changes suffered by this Privacy Notice will be ten days after its publication, within five days after its publication, the User must state if he is not satisfied with them via email, if so, the provision of services will be suspended. Once this period has expired, the User will be deemed to accept the modifications to the Privacy Notice.

‍

9. ACCEPTANCE

This Privacy Notice is subject to the express consent of the owner of the data, which constitutes a legal agreement between the User and DolarApp. The use of the services of DolarApp will be considered as the express manifestation of the client’s will and of agreeing with this Privacy Notice, without excluding that there is an additional express way of expressing the client’s will.

10. AUTHORITY

The competent authority for the protection of personal data in Mexico is the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI). In the event that the User considers that their rights are being violated, they can go to the INAI to obtain more information and help in this regard.

Last Update: 5th June 2023

‍

‍