Take Your Business to the Next Level + 15% Off Your First Creanda Service + Free Guide

en flag
en flag

Creanda — Privacy Notice

Last updated: 01 June 2025

1. Who We Are

Creanda Solutions S. de R. L. de C. V. (“Creanda,” “we,” “our”) is a Mexican company with its registered office at [full address, Mexico City].

  • Mexico: We act as the data controller under the Ley Federal de Protección de Datos Personales en Posesión de los Particulares 2025 (“LFPDPPP 2025”).

  • European Economic Area / UK: We are the Controller under the GDPR / UK GDPR.

  • California (USA): We are a Business under the CCPA / CPRA.

You can reach our Data Protection Officer (DPO) at privacy@creanda.website or +52 55 6444 1022.

2. Personal Data We Collect

CategoryTypical ItemsHow We Obtain ThemIdentification & ContactName, company, RFC/CURP, email, phone number, billing addressWebsite forms, contracts, WhatsApp BusinessBilling & PaymentCountry, currency, masked card tokens handled by StripeStripe PayLinksService UsageLogin logs, campaign metrics, interaction with n8n/AI flowsInternal platforms & analytics toolsMarketing PreferencesLanguage, topics of interest, click-through historyCookies, newsletters

We do not intentionally request or process sensitive personal data. If such data becomes essential, we will ask for your explicit consent beforehand.

3. Purposes & Legal Bases

PurposeMexico (LFPDPPP)GDPR / UK GDPRCCPA / CPRADeliver our marketing, branding & automation servicesContractArt. 6 (1)(b) – contract performanceBusiness purposeBilling, payments & accountingLegal obligationArt. 6 (1)(c)Id.Customer support (WhatsApp, email)Legitimate interestArt. 6 (1)(f)Id.Product analytics & improvementLegitimate interestArt. 6 (1)(f)Id.Newsletters & promotional messagesConsentArt. 6 (1)(a)May be “selling/sharing” of identifiersTargeted advertising (third-party cookies)ConsentArt. 6 (1)(a)“Sharing” – right to opt-out

You may withdraw consent or object at any time (see Section 8).

4. International Transfers

RecipientCountryPurposeSafeguardStripe, Inc.USAPayment processingStandard Contractual Clauses (SCC) + PCI-DSS encryptionMeta Platforms (Facebook, Instagram, WhatsApp)USAAds & messagingSCCOpenAI, L.L.C.USAAI model servicesSCC + data pseudonymisationCloud / SaaS tools (Google Workspace, Buffer/Hootsuite, n8n Cloud)VariousHosting & automationSCC or adequacy decision

Creanda does not sell personal data. California residents may exercise the “Do Not Sell or Share My Personal Information” right via the link in our cookie banner or by emailing us.

5. Your Rights

  • ARCO rights (Access, Rectification, Cancellation, Opposition) — Mexico.

  • GDPR / UK GDPR rights: access, rectification, erasure, restriction, portability, objection, and the right not to be subject to solely automated decisions with legal effect.

  • CPRA rights: know, delete, correct, opt-out of sale/sharing, limit use of sensitive data.

To exercise any right, email privacy@creanda.website with: (1) full name, (2) official ID copy, (3) right you wish to exercise, (4) clear description of the data involved.
We will answer within 20 business days and act within a further 15 days, where applicable.

6. Data Retention

We keep personal data for the duration of our contractual relationship and up to five (5) years thereafter for tax, antifraud and legal-defence purposes, unless a longer period is required by law or you validly request earlier deletion.

7. Security Measures

  • TLS 1.3 encryption in transit & AES-256 at rest

  • Multi-factor authentication for staff

  • Daily encrypted backups

  • Quarterly access reviews

  • Annual penetration tests and security audits

8. Cookies & Similar Technologies

We use first- and third-party cookies to:

  1. Remember your preferences

  2. Measure campaign performance

  3. Serve personalised ads

You can accept, reject or customise cookies via our consent banner or your browser settings. For full details, see our Cookie Notice.

9. Children

Our services are not directed to anyone under 18. We do not knowingly collect data from children under 13. If we learn we have done so, we will delete that data promptly (COPPA compliance).

10. Automated Decision-Making & Profiling

Our AI systems assist our team but do not make final decisions that produce legal or similarly significant effects without human involvement. Should this change, we will inform you and provide a mechanism for human review.

11. Supervisory Authorities

  • Mexico: Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI)

  • EEA: Your local Data Protection Authority

  • UK: Information Commissioner’s Office (ICO)

  • California: California Attorney General

You have the right to lodge a complaint with your supervisory authority.

12. Changes to This Notice

We may update this Notice to reflect legal or business changes. The current version will always be available at creanda.website/privacy with its effective date. Material changes will be highlighted by email or on-site banner.

13. Contact Us

Data Protection Officer (DPO) – Lic. [Full Name]

Creanda is committed to safeguarding the confidentiality, integrity and availability of your information and to processing it transparently and responsibly in line with global privacy standards.

Success

We propel your business with effective strategies.

Contact
Want More Information?

  • creandacenter@gmail.com

  • +52 55 6444 1022

© 2025. All rights reserved.

Privacy Policy