Data Privacy
Normal
Learn all about the open government exercise with which AIFA collects the opinion of users.
×
Transparency Unit Data
Data from the Transparency Unit
Political Constitution of the United Mexican States: View document
General Law on the Protection of Personal Data in Possession of Obligated Subjects: View document
General Guidelines for the Protection of Personal Data for the Public Sector: View document
Contact Details of the Transparency Unit| information | Details |
|---|---|
| domicile | Circuito Exterior Mexiquense Km. 33, Santa Lucia, Municipality of Zumpango, State of Mexico. C.P. 55640 |
| transparencia@aifa.aero | |
| telephone | 55 5798 9800, ext. 12016 |
| Hours of Operation | Monday to Friday from 8:00 a.m. to 4:00 p.m. |
| Head of the Unit | Salvador Suárez García |
×
Privacy Notices
A. Directorate of Administration
B. Commercial and Services Management
C. Operation Management
D. Sub-Directorate for Coordination and Monitoring of Agreements
Comprehensive Privacy Notices
Privacy Notices
A. Directorate of Administration
- Comprehensive Human Resources Privacy Notice
- Passenger Processing System App Comprehensive Privacy Notice
- Comprehensive Privacy Notice for Biometric Registration at the Passenger Processing System Kiosk
- Comprehensive Privacy Notice for Conventional Counter Assisted Biometric Registration
B. Commercial and Services Management
- Comprehensive Privacy Notice of the Commercial and Services Department
- Comprehensive Privacy Notice of Mailbox, Complaints and Congratulations
- Comprehensive Privacy Notice of the Land Mobility Management
- Comprehensive Privacy Notice for Airport and Complementary Services
C. Operation Management
- Comprehensive Privacy Notice for Closed Circuit Television
- Comprehensive Privacy Notice of the Airport Identification Management
D. Sub-Directorate for Coordination and Monitoring of Agreements
- Comprehensive Privacy Notice of the Guided Tour Service
- Passenger Satisfaction Survey Comprehensive Privacy Notice
×
Aspect 1: Principles Variable 1.1 Comprehensive Privacy Notice
Aspect 2: Duties Variable 2.1 Security duty
Variable 2.2: Duty of confidentiality and communication of personal data
Aspect 3: Exercise of ARCO rights Variable 3.1 Mechanism for the exercise of ARCO rights
Aspect 4: Portability Variable 4.1. Portability of personal data
Aspect 5: Preventive actions in the field of personal data protection Variable 5.1: Impact assessment on the protection of personal data
Aspect 6: Personal Data Protection Officers Variable 6.1: The Transparency Committee and the Transparency Unit
Variable 6.2: Personal Data Protection Officer
Relevant Information
Format Virtual Section "Personal Data Protection"
| No. | Criterion | Means of Verification |
|---|---|---|
| 1 | Hyperlink to the section called "Personal Data Protection" published on the internet portal of the obligated entity on the homepage. | Personal data protection |
| 2 | Hyperlink to the section "1. Comprehensive privacy notices" published in the section "Protection of Personal Data". | Comprehensive Privacy Notices |
| 3 | Hyperlink to section "2. Data of the Transparency Unit and, where applicable, of the Personal Data Protection Officer" published in the section "Personal Data Protection". | Data of the Transparency Unit |
| 4 | Hyperlink to section "3. Relevant information on personal data protection" published in the section "Personal Data Protection" "Relevant information on personal data protection". | Relevant Information |
Fiscal year (year) for which the information is presented: 2024
Date of publication of the information: 03/10/2022
Date of last update: 15/08/2024
| No. | Criterion | Means of Verification |
|---|---|---|
| 1 | Official letter or instrument through which the allocation of resources for the implementation of personal data protection programs and policies is authorized. | Click here |
| 2 | Hyperlink to the personal data protection programme or policy. | Click here |
| 3 | Hyperlink to the personal data protection training program. | Click here |
| 4 | Hyperlink to the document specifying the monitoring and surveillance systems. | Click here |
| 5 | Hyperlink to the document in which the controller establishes the procedure for receiving and responding to doubts and complaints from data subjects regarding personal data protection. | Click here |
Year (year) for which the information is presented: 2024
Date of publication of the information: 03/10/2022
Date of last update: 05/08/2024
| No. | Criterion | Means of Verification |
|---|---|---|
| 1 | Hyperlink to the public version of the controller's security document, testing only what is related to the work plan that also contains the risk and gap analysis. | Click here |
| 2 | Hyperlink to the document containing the internal policies for the management and processing of personal data. | Click here |
Year (year) for which the information is presented: 2024
Date of publication of information: 03/10/2022
Date of last update: 28/05/2024
| No. | Criterion | Means of verification |
|---|---|---|
| 1 | Hyperlink to the document establishing the controls aimed at ensuring the confidentiality that must be maintained by all persons involved in any phase of data processing personal. | Click here |
| 2 | Hyperlink to the document containing the list of the legal instruments that regulate the relationship with the processors, in which it will be established as a general clause to maintain confidentiality with respect to the personal data processed by the processor. | "As of this date, there are no contracts with any supplier acting in its capacity as processor in terms of the provisions of article 59 of the General Law on the Protection of Personal Data in Possession of Obligated Subjects". |
| 3 | Hyperlink to the document containing the list of legal instruments through which the contracting or adhesion to services, applications and infrastructure in cloud computing and other matters is formalized. | "To date, there are no providers of services, applications and infrastructure for cloud computing and other matters." |
| 4 | Hyperlink to the document containing the list of the legal instruments through which the transfers of personal data are formalized. | "To date, the AIFA does not have processes related to transfers of personal data, therefore this criterion, " |
Fiscal year (year) for which information is presented: 2024
Date of publication of information: 03/10/2022
Date of last update: 01/07/2024
| No. | Criterion | Means of Verification |
|---|---|---|
| 1 | Hyperlink of the document containing the means and procedures enabled by the responsible party to respond to requests for the exercise of ARCO rights. | Click here |
| 2 | Hyperlink to the document detailing the information regarding the requests for the exercise of the right of Access to personal data received by the obligated entity. | Click here |
| 3 | Hyperlink to the document detailing the information relating to requests for the exercise of the right to rectification of personal data received by the obligated entity. | Click here |
| 4 | Hyperlink to the document detailing the information relating to the requests for the exercise of the right to Erasure of personal data received by the obligated entity. | Click here |
| 5 | Hyperlink to the document detailing the information relating to requests for the exercise of the right to Object to the processing of personal data received by the obligated subject. | Click here |
Year (year) for which the information is presented: 2024
Date of publication of the information: 03/10/2022
Date of last update: 20/08/2024
| No. | Criterion | Means of verification |
|---|---|---|
| 1 | Indicate whether the obligated entity processes personal data by automated or electronic means (Yes / No). | Yes |
| 2 | Indicate whether you use an electronic format that is accessible and readable by automated means, i.e., that the latter can identify, recognize, extract, scan or perform any other operation with specific personal data (Yes / No) | No |
| 3 | Indicate whether the The format used allows the reuse and/or use of personal data (Yes / No) | No |
| 4 | Document containing the hyperlink to the comprehensive privacy notice(s) for each processing of personal data in which it is possible to request the portability of these. | No applies at this time |
| 5 | Please indicate whether, in the event that the owner does not accompany his or her request with the storage medium for the preparation of the corresponding copy of his or her personal data, the obligated entity provides such storage medium (Yes / No). | N/A |
| 6 | Hyperlink to the document establishing administrative, physical and technical security measures for the transmission of personal data, such as, but not limited to, user authentication mechanisms, secure connections, or the use of encrypted electronic means of transmission. | Not Applicable |
Year (year) for which the information is presented: 2024
Date of publication of the information: 03/10/2022
Last update: 28/05/2024
| No. | Criterion | Means of Verification |
|---|---|---|
| 1 | Name of the public policy, program, system, platform, application or any other activity that involves the intensive or relevant processing of personal data carried out. | Passenger Processing System of AIFA, S.A. de C.V. |
| 2 | The public policy, program, system, platform, application or any other activity that involves the intensive or relevant processing of personal data carried out is subject to one of the exemptions of the impact assessment submission (Yes/No). | No |
| 3 | If answered in the affirmative, hyperlink to the exemption report issued by the INAI. You must omit to enter information in the subsequent criteria of this variable. In the event that the public policy, program, system, platform, application or any other activity that involves the intensive or relevant processing of personal data carried out, is not subject to any of the exemptions from the presentation of the impact assessment, publish the hyperlink to the impact assessment delivered to INAI. | Not Applicable |
| 4 | Hyperlink to the corresponding non-binding recommendations opinion issued by INAI. | Click here |
Fiscal year (year) for which the information is presented: 2024
Date of publication of the information: 03/10/2022
Last update: 20/08/2024
| No. | Criterion | Verification Means |
|---|---|---|
| 1 | Indicate if it has a Transparency Committee (Yes/No) | Yes |
| 2 | Hyperlink to the document containing the internal procedures established and implemented to ensure greater efficiency in the management of applications for the exercise of ARCO rights. | Click here |
| 3 | Hyperlink to the specific criteria established by the Committee for the Better Observance of the General Law and those applicable provisions on the matter. | Click here |
| 4 | Hyperlink to the training and updating program for the public servants of the responsible established by the Committee. | Click here |
| 5 | Indicate if it has a Transparency Unit (Yes/No). | YES |
| 6 | Indicate if the Transparency Unit is the area in charge of managing requests for the exercise of rights ARCO (YES / No) | YES |
| 7 | Hyperlink to the document containing the mechanisms established by the Transparency Unit to ensure that personal data are only delivered to their owner or duly accredited representative. | Click here |
| 8 | Hyperlink to the document by which the controller informs the general public of the costs for the reproduction and sending of the personal data requested, based on the provisions of the applicable regulatory provisions. | Click here |
| 9 | Hyperlink to the document containing the instruments applied to assess the quality of the management of applications for the exercise of ARCO rights. | Click here |
| 10 | Hyperlink to the document that lists the agreement(s) made with specialized public institutions to assist in the reception, processing and delivery of responses to requests for personal data, in indigenous language, Braille or any corresponding accessible format, in a more efficient way. | Click here |
Year (year) for which the information is presented: 2024
Date of publication of information: 03/10/2022
Date of last update: 20/08/2024
| No. | Criterion | Means of verification |
|---|---|---|
| 1 | Carries out intensive or relevant personal data processing (Yes/No). | No |
| 2 | Hyperlink to the document by which the controller appointed the Personal Data Protection Officer. | Click here |