top of page

Privacy Policy

I. IDENTITY AND ADDRESS OF THE RESPONSIBLE PARTY

TRIPP INTERNATIONAL GROUP SA de CV (hereinafter "the Responsible Party"), with address at Zapotecas 170, Ensenada Baja California, CP 22860, Mexico, and contact email: contact@trippwine.com, in its capacity as a company dedicated to the development and operation of wine tourism programs at an international level, is responsible for the processing of your personal data.

II. PERSONAL DATA COLLECTED

2.1 Identification and contact details

  • Full name

  • Date and place of birth

  • Nationality

  • Passport number or valid official identity document

  • Private residence

  • Landline and/or mobile phone (national and international)

  • Email

2.2 Financial and asset data

  • Data necessary to process payments securely (which are managed through encrypted payment platforms; we do not store your card details on our servers).

  • Billing information: Tax ID, company name or tax name, tax address

2.3 Sensitive Data

The Data Controller may collect the following data considered sensitive under Article 3, Section VI, of the LFPDPPP, only when strictly necessary for the provision of the service:

  • Current or past health status (medical conditions, allergies, special dietary requirements)

  • Physical or motor disabilities that require special attention during wine tourism activities

The processing of sensitive data will be carried out exclusively with your express and written consent, in accordance with the terms established in the LFPDPPP.

2.4 Migration data

  • Visa number or entry permit to the destination country of the wine tourism program

  • International travel insurance information

III. PURPOSES OF THE PROCESSING OF PERSONAL DATA

3.1 Primary purposes (necessary for the contractual relationship)

  • Identification, registration and incorporation of the holder into the contracted wine tourism programs

  • Management of reservations, itineraries and logistics for wine tours in Mexico and abroad

  • Payment processing, issuance of tax receipts and invoicing

  • Coordination with wineries, vineyards, hotels, guides and other tourism providers in the destination countries

  • Compliance with tax, customs and immigration obligations arising from international travel

  • Management of travel insurance and emergency medical care during the programs

  • Communication of operational changes, cancellations or modifications to the contracted program

  • Handling complaints, suggestions and exercising ARCO rights

3.2 Secondary purposes (not necessary for the contractual relationship)

  • Sending promotional information, special offers and new wine tourism programs

  • Conducting satisfaction surveys and market research

  • Publication of testimonials or photographs on social media and advertising material

  • Development of gastronomic and oenological preference profiles for the personalization of future services

If you do not wish your data to be processed for secondary purposes, you can indicate this from this moment by sending an email to [PRIVACY EMAIL] indicating in the subject: "OPPOSITION TO SECONDARY PURPOSES".

IV. TRANSFER OF PERSONAL DATA

The Data Controller may transfer your personal data, without requiring your consent, in the cases provided for in article 37 of the LFPDPPP, or, with your consent, to the following third parties:

  • Wineries, vineyards and tour operators located in the host countries of the wine tourism programs (Spain, France, Italy, Argentina, Chile, United States, among others), in order to coordinate the contracted services

  • Airlines, hotels, land transport companies and national and international tourism service providers

  • Travel insurance companies for managing coverage and claims

  • Immigration and customs authorities of Mexico and the destination country, in compliance with legal obligations

  • Mexican tax authorities (SAT) for the fulfillment of tax obligations

  • Technology service providers and digital platforms acting as data processors under strict confidentiality obligations

In cases of international data transfers to countries that do not have adequate levels of protection in accordance with Mexican regulations, the Data Controller will adopt the relevant legal and contractual measures to guarantee the protection of your information, including the execution of standard contractual clauses.

V. ARCO RIGHTS AND MECHANISMS FOR THEIR EXERCISE

You have the right to Access, Rectify, Cancel or Oppose (ARCO rights) the processing of your personal data, in accordance with the provisions of articles 28 to 37 of the LFPDPPP and its Regulations.

5.1 Procedure for exercising ARCO rights

To exercise your ARCO rights, you must submit a request through any of the following means:

  • Email: [PRIVACY EMAIL], with the subject: "EXERCISE OF ARCO RIGHTS"

  • Written communication addressed to the Privacy Department at the address of the Data Controller indicated in section I

5.2 Information required in the application

Your application must contain:

  • Full name of the holder and, where applicable, of the legal representative with accreditation of representation

  • Address or other means to communicate the response

  • Clear and precise description of the personal data subject to the request and the right you wish to exercise

  • Simple copy of valid official identification

  • Any item or document that facilitates the location of your personal data

5.3 Response times

The Data Controller will respond within a maximum of twenty (20) business days from the date of receipt of your request. If applicable, the response will be provided within fifteen (15) business days following notification.

VI. REVOCATION OF CONSENT

You may withdraw your consent to the processing of your personal data at any time, unless the processing is necessary for compliance with a legal or contractual obligation. To do so, follow the same procedure described in section V, indicating "WITHDRAWAL OF CONSENT" in the subject line.

We inform you that the revocation of consent for purposes necessary for the execution of the wine tourism services contract could make it impossible to provide the contracted service.

VII. LIMITATION ON THE USE AND DISCLOSURE OF DATA

If you wish to limit the use or disclosure of your personal data to receive advertising or promotions, you can register in the Public Registry to Avoid Advertising (REPEP) administered by PROFECO, or communicate it directly to the Responsible Party through the email [PRIVACY EMAIL].

VIII. USE OF COOKIES AND TRACKING TECHNOLOGIES

Our website and mobile apps use cookies, web beacons, and similar technologies to enhance user experience, analyze traffic, personalize content, and facilitate booking processes. You can configure your browser to disable these technologies; however, some site functionality may be affected.

For more information about our Cookie Policy, please see [COOKIE POLICY URL].

IX. SECURITY MEASURES

The Data Controller has implemented the necessary and sufficient administrative, technical and physical security measures to protect your personal data against damage, loss, alteration, destruction, unauthorized use, access or processing, in accordance with Article 19 of the LFPDPPP and the Privacy Notice Guidelines published by the INAI.

These measures include: SSL/TLS encryption in data transmissions, payment processing under the PCI-DSS standard, restricted access to personal data based on the principle of necessity, and confidentiality agreements with employees and suppliers.

X. CHANGES TO THE PRIVACY NOTICE

This Privacy Notice may be modified, changed, or updated at any time by the Data Controller. Modifications will be notified through [NOTIFICATION METHODS: registered email address / official website / notice board at the establishment], at least ten (10) business days prior to their effective date, except in those cases where the modification is required by applicable law.

XI. COMPETENT AUTHORITY

If you believe that your right to the protection of personal data has been violated by any action or omission of the Responsible Party, you may file a complaint or report with the National Institute for Transparency, Access to Information and Protection of Personal Data (INAI), located at Insurgentes Sur No. 3211, Col. Insurgentes Cuicuilco, CP 04530, Mexico City, or through the website www.inai.org.mx.

XII. CONSENT

By contracting any of the wine tourism programs offered by the Responsible Party, using our website, providing your data through any communication channel, or signing this notice, you declare that you have read and understood its content, as well as granting your free, specific, informed and unequivocal consent for the processing of your personal data in accordance with the primary purposes described herein.

For the processing of sensitive data and for the secondary purposes indicated in section III.2, your express written consent will be required.

bottom of page