top of page

PRIVACY POLICY

Effective Date: November 25, 2025

1. GENERAL PROVISIONS


This Privacy Policy ("Policy") regulates the collection, processing, storage, and protection of personal data of users ("Users") of the website www.elederayos.online (the "Website"), managed by Belen Contreras, the data controller in accordance with the Federal Law on Protection of Personal Data Held by Private Parties ("LFPDPPP") of Mexico, in the context of services provided by Ele de Rayos.
 

By using the Website, the User confirms their consent to this Policy and the conditions for processing personal data, as well as the "Terms of Use" available at www.elederayos.online/terms-eng.
The Policy is prepared in accordance with the LFPDPPP of Mexico. For international users, we strive to adhere to key principles of prominent regulations such as the General Data Protection Regulation (GDPR) for the European Union, including data minimization, transparency, and security, in respect of all our users.
 

The data controller is Belen Contreras, responsible for the processing of personal data in accordance with the LFPDPPP.


The Website and services are intended exclusively for persons over 18 years of age. By accessing, the User confirms they are 18 or older. If data from a minor (under 18) is detected, it will be deleted immediately, and access will be suspended. Parents or legal guardians can contact the Controller at elederayos@yahoo.com to resolve any issues related to minors' data.
 

The Policy is available in English as the primary language for international users; a Spanish version is available upon request.

2. PURPOSES OF DATA COLLECTION AND PROCESSING
 

Personal data is collected for:

  • Identification and communication with Users to provide services (e.g., scheduling and conducting sessions via WhatsApp).

  • Ensuring compliance with the filter stated in the Terms of Use (not working with individuals in acute mental health states).

  • Protecting the legitimate interests of the Controller, such as fraud prevention or contesting erroneous payment chargebacks.
    No data is used for marketing, newsletters, or secondary purposes. Processing is limited to what is necessary and does not involve sensitive data (e.g., health or psychological information).

 

3. DATA WE COLLECT
 

The Controller collects minimal data necessary to organize the services:

  • Personal Data: Full name (as provided, e.g., from Facebook or LinkedIn) and phone number (for WhatsApp communication).

  • Transaction Data: For payment processing, we use the third-party service Stripe, Inc. When you make a payment, you provide your payment details (card information, PayPal account) directly to Stripe in accordance with their Privacy Policy. We do not receive or store your full payment credentials. We only have access to information necessary to identify the transaction (amount, status, last 4 digits of the card).
    We consciously do not collect technical data (IP addresses, cookies, device data) through the Website. We do not intentionally collect or store sensitive personal data.

 

4. CONFIDENTIALITY
 

All data provided by Users is confidential. The Controller commits not to disclose data without written consent. Use of data for advertising, educational, or public purposes is only possible with express User consent.

 

5. DATA TRANSFERS TO THIRD PARTIES
 

Data may be transferred to third parties only in the following cases:

  • Communication platforms like WhatsApp (Meta Platforms, Inc., based in the USA/Ireland), which may involve international transfers. Users are notified that these platforms may transfer data outside Mexico in accordance with their privacy policies (available on their official sites).

  • Compliance with legal requirements in Mexico or other jurisdictions.
    International data transfers are protected by appropriate safeguards, such as data processing agreements ensuring equivalent protection under LFPDPPP. Data is not sold or rented. Transfers for marketing or commercial purposes without User consent are prohibited.

 

6. DATA STORAGE AND SECURITY
 

Data (name and phone number) is stored within the WhatsApp message history on the Controller's personal device. The Controller uses device-level security measures (passwords, encryption where available).
 

This data will be deleted promptly upon the User's request at any time. In the absence of such a request, data is retained only for as long as is strictly necessary to fulfill the purposes outlined in Section 2 of this Policy (e.g., to complete a Service or resolve a related inquiry), after which it is deleted.
 

We do not create separate databases or archives of Clients' personal data. Transaction data within Stripe is stored by them in accordance with their retention policy.

 

In the event of a personal data breach, the Controller will notify Users and, if necessary, the National Institute for Transparency, Access to Information and Personal Data Protection (INAI) within the timelines established by the LFPDPPP.

 

7. USER RIGHTS (ARCO RIGHTS)
 

In accordance with the LFPDPPP, the User has the right to:

  • Access: Request information about collected data.

  • Rectification: Demand correction of inaccurate or outdated data.

  • Cancellation: Request deletion of data.

  • Opposition: Object to data processing for specific reasons.
     

  • To exercise ARCO rights, the User must send a request to elederayos@yahoo.com, including:
    1) full name; 2) description of the request (access, rectification, cancellation, opposition); 3) copy of an official identification document (e.g., INE, passport) to verify identity. The identification document is used solely for verification and is not stored. The Controller will respond within 20 business days after receiving a properly formulated request, in accordance with the LFPDPPP. Requests lacking necessary information may be rejected with notification of the reasons and required actions to resubmit.

  • Users may also file a complaint with the INAI in Mexico.
     

  • For international users: We strive to facilitate the exercise of similar rights (like data portability under GDPR or opt-out rights under CCPA) upon verifiable request. All such requests are accepted via email at elederayos@yahoo.com.

8. USER OBLIGATIONS

  • Provide truthful and updated information.

  • Respect the confidentiality of others' data and Website materials.

9. CHANGES TO THE POLICY
 

The Controller reserves the right to make changes to the Policy. Users will be notified of changes via email (if provided) or an announcement on the Website's main page. The updated version is published at www.elederayos.online/privacy-eng.

 

10. APPLICABLE LAW
 

This Policy is governed by the laws of Mexico, particularly the LFPDPPP. We strive to respect the core principles of international data protection frameworks. Any disputes related to data processing shall be subject to the exclusive jurisdiction of the competent courts located in Mexico City, Mexico.

 

11. CONTACT
 

For questions regarding data processing and exercising your rights, contact:

  • Email: elederayos@yahoo.com

  • Contact Person: Belen Contreras, data controller in accordance with the LFPDPPP.
    All formal requests (ARCO, deletion, etc.) must be submitted via email to the address above.

bottom of page