GDPR Compliance

1. Data Controller

QuePasa acts as a data controller for the personal information you provide when using our services.

2. Legal Basis for Processing

We process personal data based on consent, contract performance, legitimate interests, and legal obligations.

3. Data Subject Rights

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests

4. Data Protection Officer

Our Data Protection Officer can be contacted at dpo@quepasa.com for any GDPR-related inquiries.

5. Data Breach Notification

In the event of a data breach, we will notify affected individuals and relevant authorities within 72 hours.

6. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place.

7. Automated Decision Making

We do not use automated decision-making processes that significantly affect you.

8. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority.