At Volaris, we strive to provide the best travel experience in every way, so it is essential to protect the Customers’ rights, including their right to privacy and protection of their personal data.
We have security measures in place to safeguard our Customers’ information and to comply with existing regulations. We adhere to the Federal Law on Protection of Personal Data Held by Private Parties (LFPDP) of Mexico, the General Data Protection Regulation (GDPR) of the European Union, and the California Consumer Privacy Law (CCPA), which became effective in July 2011, May 2018, and January 2020, respectively. The LFPDP, the GDPR, and the CCPA enforce security and privacy requirements for personal data abroad. Additionally, we have several corporate policies, such as:
■ General Policy for the Protection of Personal Data
■ Attention to Holders’ Rights Policy
■ Policies of Blocking and Cancellation of Personal Data
■ Personal Data Violation Policies
■ Information Classification Policy
Identify the risks
Identify, analyze and prioritize risks based on emerging threats in home office schemes, including an analysis of third parties that provide services to Volaris.
Strengthen existing controls
Establish strategies to strengthen existing controls or implement additional controls that mitigate the identified risks of personal data.
Strengthen internal processes
Strengthen internal processes regarding personal data to standardize activities that involve the processing of personal data to achieve an adequate level of protection with those in charge of personal data.
Increase awareness and training campaigns on the protection of personal data and cybersecurity with Company’s Ambassadors and managers.
Strengthen technological security controls to protect personal data from threats.
Improve our internal policies
Improve our internal policies for the protection of personal data to strengthen action rules for those in charge of personal data.